Photo by Apple
Apple Releases macOS 10.14.6, iOS 12.4, watchOS 5.3, tvOS 12.4, and More
It’s time for another round of operating system updates, with Apple releasing macOS 10.14.6, iOS 12.4, watchOS 5.3, and tvOS 12.4. Surprisingly, the company also released updates to much older versions of iOS—versions 10.3.4 and 9.3.6—to fix a few problems that older iOS devices might encounter.
Normally, we recommend waiting a few days before installing minor updates, but Security Editor Rich Mogull recommends updating to macOS 10.14.6 and iOS 12.4 right away due to the severity of the remote execution vulnerabilities they address.
With macOS 10.14.6, Apple is focusing on adding features to Apple News and providing a few bug fixes. The Apple News improvements make downloaded magazine issues available in the My Magazines section even while the Mac has no Internet access, add all publications in Apple News+ to the catalog at the top of the News+ feed, and let you clear downloaded magazine issues in History > Clear > Clear All.
As far as bug fixes go, macOS 10.14.6:
- Addresses an issue which prevents the creation of a new Boot Camp partition on an iMac or Mac mini with a Fusion Drive
- Resolves a bug that may cause a hang during a restart
- Resolves a graphics issue that may occur when waking from sleep
- Fixes an issue that may cause full-screen video to appear black on the Mac mini
- Improves file-sharing reliability over SMB
- Addresses a bug that could cause file-sharing connections to drop
- Improves the compatibility of Xsan clients when accessing volumes that use 1K or larger LUN sector sizes
macOS 10.14.6 also includes 25 security fixes.
The update weighs in at 2.64 GB, and you can install it using the Software Update pane of System Preferences.
The iOS 12.4 update fixes the Walkie-Talkie vulnerability on the Apple Watch and reactivates that feature (see “Apple Disables the Apple Watch Walkie-Talkie App Due to Eavesdropping Vulnerability,” 11 July 2019).
iOS 12.4 provides a new iPhone migration tool that “introduces the ability to wirelessly transfer data and migrate directly from an old iPhone to a new iPhone during setup.” It extends the existing Quick Start feature that helps you set up a new device using an existing one. Apple says you can also connect the devices using the Lightning to USB 3 Camera Adapter and a Lightning to USB Cable, but it’s not clear when that might be preferable.
The iOS 12.4 update offers the same Apple News improvements as appear in macOS 10.14.6: making downloaded issues available in My Magazines even while offline, adding all publications in Apple News+ to the News+ catalog, and letting you clear downloaded magazine issues.
Many outlets are also reporting that iOS 12.4 adds support for the forthcoming Apple Card (see “Apple Card: More Than Just a Credit Card,” 28 March 2019), but Apple doesn’t mention that in the release notes.
iOS 12.4 includes 19 security fixes.
You can update to iOS 12.4 in Settings > General > Software Update or through iTunes. The update weighs in at 385.4 MB on the iPhone X and 319.8 MB on the 10.5-inch iPad Pro.
iOS 10.3.4 and 9.3.6
Although Apple very seldom updates obsolete versions of iOS, MacRumors is reporting that Apple has released iOS 10.3.4 and 9.3.6 to fix a problem that impacts GPS location performance and could lead to incorrect system dates and times. If you’re using a device that can’t upgrade beyond one of those versions, the update is likely worth installing after waiting a few days to make sure it doesn’t introduce new problems.
As with previous watchOS updates, watchOS 5.3 enables the ECG app and irregular heart rhythm notifications in more countries, this time bringing Croatia, Czech Republic, Iceland, Poland, and Slovakia into the fold. It also disables accessories with insecure Bluetooth connections, fixes an issue where the numbers on the Explorer face wouldn’t appear for some users, and adds a new watch face.
watchOS 5.3 has 16 security fixes. Oddly, the Walkie-Talkie vulnerability discussed in the iOS 12.4 release notes doesn’t warrant a mention here.
You can install the 104 MB update using the iPhone’s Watch app—go to Watch > General > Software Update. Once you update to iOS 12.4, you may as well update to watchOS 5.3 too.
Apple has released tvOS 12.4, saying nothing more about its changes other than the usual “general performance and stability improvements.” The company also issued Apple TV Software Update 7.3.1 for the third-generation Apple TVs with the same unhelpful description. It’s entirely possible that the entire point of tvOS 12.4 is to disseminate 14 security fixes.
If automatic updates aren’t on, you can update your Apple TV HD or Apple TV 4K by going to Settings > System > Software Updates. For a third-generation Apple TV, go to Settings > General > Software Updates.
I received a notification concerning Security Update 2019-004 High Sierra yesterday afternoon. I assume that Security Editor Rich Mogull recommendation concerning updating macOS 10.14 quickly also applies to macOS 10.12.
Security Update 2019-004 for High Sierra was another one of these annoying updates that had to be run twice. Including downloading the ~2GB installer TWICE. Here’s a piece of advice: do not attempt to install several updates at once. Instead do all but the security update. Then, once that’s the only left, do that one.
Yes, Rich was particularly concerned about all the remote attacks and especially the Bluetooth one.
So, this is odd (and somewhat concerning). I ran App Store this morning on my High Sierra machine and it said I had two updates, a security update and Safari. I installed Safari, and that seemed to work fine, then I installed the security update, and it did what appeared to be the usual things (I was working on another machine so not paying complete attention).
However, after it rebooted, I ran App Store again, and it shows no updates available, but the last update and only update in the last 30 days is Safari. No sign of the security update.
If I look in /System/Library/Receipts, the bom and plist for the Safari update are there, then 4 minutes after that, there’s a com.apple.pkg.macOSBrain. It’s the only macOSBrain in the directory. The last security update is com.apple.pkg.update.os.SecUpd2019-003HighSierra on May 16th (can’t remember if I installed it right away or not, so it may have been released earlier). The macOSBrain bom only specifies /usr/libexec/atomicupdatetool, which does exist and was last updated today at the same time the macOSBrain bom and plist were written.
So it looks like I don’t have the latest security update installed, but for some reason whatever’s checking thinks I do and isn’t offering it again. That’s… worrisome.
The moral is to check that everything that should have been installed shows up in App Store. I’m not sure how to force the security update to be installed, but will investigate further.
Addendum: The security update is downloadable from https://support.apple.com/downloads. I’m downloading it now and will see what happens when I install it from the dmg.
That sounds related to what I reported above. It’s not the first time people are reporting things like this with Sec Updates on HS.
Ok, installed the downloaded security update, and now things look normal. It shows up in the App Store as an installed update, and /System/Library/Receipts has the bom & plist for 2019-004 (plus 3 other new bom/plist pairs).
Yes, I saw your post, and have had the double update happen before, and I even took your advice and installed Safari first then the security update.
While the double update is fairly annoying (I wish I had the infinite free bandwidth everyone at Apple seems to have), missing the update seems much more insidious. At least with the double update it eventually gets installed. If I hadn’t been aware of update issues and looked closely, I would have been running without the update.
It seems that Apple has pulled the Security Update for older versions of macOS temporarily after some MacBook Pros were kernel panicking after being put into sleep.
On the assumption that Apple will fix this quickly, we’ve just held our Watchlist item about the Security Update, since we hadn’t published it before Apple pulled the update.
They also pulled the 10.14.6 BridgeOS update that is required for older T1/T2 equipped Macs, so they are no longer able to apply the 10.14.6 update. It’s thought to impact:
It seems that if you update to 10.14.6, you may have serious performance issues with VMware Fusion virtual machines. If you rely on a Windows VM in Fusion, it would be a good idea to wait until VMware (or Apple) has addressed the problem.
This may be a little obscure, but I have a first generation iPad Mini running iOS 9.3.5. Needless to say, it has some problems accessing websites, etc. but I don’t use it enough to have felt a need to replace it just yet. When I saw there was a 9.3.6 out, I thought this might help with some of the difficulties I’ve been having. But I just got around to checking for updates on the device and got a message saying my OS was up to date. What about 9.3.6?
There were definitely updates posted for
If you don’t have a cell equipped iPad, that would explain it, as the update only addressed problems with those.
If you tried using OTA update, try again with iTunes.
Yes, it’s wifi only. That explains it. Oh well…
Thanks as always!
It seems that the deadline to update to iOS 10.3.4 on an iPhone 5 or iOS 9.3.6 on an iPhone 4s has now passed, so if you haven’t yet updated, you’ll need to back up the iPhone to iTunes, erase it, and restore to get the new version that has fixes for the GPS time rollover issue. If you don’t install the appropriate update, GPS locations reportedly won’t be accurate.
Join the discussion in the TidBITS Discourse forum