By Jason Snell
November 29, 2017 9:16 AM PT
A bit more about Apple’s automatic security updates
On Wednesday Apple released a security update to the macOS root security hole made public yesterday. You can download it now, but if you’re running High Sierra and you don’t download it, it will download and install itself:
This morning, as of 8:00 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.
This isn’t the first time Apple has forced the automatic installation of a security patch. Back in December 2014, a security hole in the Network Time Protocol daemon was discovered. Rather than wait, Apple pushed out a security update that was automatically installed on compatible Macs. Like the current update, it’s not something that requires that your Mac restart—it just happens in the background, and you receive a Notification Center alert that a security update has been installed. This seems to be the key combination to kick off one of these automatic patches: a severe security problem that can be fixed without requiring a restart.
This isn’t the only automatically-updating security feature Apple has at its disposal. Since 2011, “Apple maintains a list of known malicious software…. The list is stored locally, and… is updated daily by a background process.” This all happens via the security mechanism that has evolved into Gatekeeper, which checks the viability of all newly downloaded software before launching it for the very first time.
In recent years Apple has applied a lot of the automatic-update philosophy from iOS to macOS as well. Perhaps most notably, macOS now automatically downloads even major OS updates in the background, making it more likely that you’ll update to High Sierra (or whatever comes next).
[If you appreciate articles like this one, help us continue doing Six Colors (and get some fun benefits) by becoming a Six Colors subscriber.]