Alongside the features and bug fixes in its non-Mac operating systems (see “Apple Releases iOS 14.2, iPadOS 14.2, watchOS 7.1, HomePod Software 14.2, and tvOS 14.2,” 5 November 2020), Apple has released macOS Catalina 10.15.7 Supplemental Update (with a re-release of macOS Catalina 10.15.7 Update for those who haven’t yet installed it), iOS 12.4.9 (for the iPhone 5s, iPhone 6 and 6 Plus, iPad Air, iPad mini 2 and 3, and the sixth-generation iPod touch), watchOS 5.3.9 (for the Apple Watch Series 1 and later), and watchOS 6.2.9 (for the Apple Watch Series 1 and Series 2).
These updates all address the same three serious security vulnerabilities, which could lead to arbitrary code execution or kernel memory being disclosed. That’s bad, but the real problem is that Apple says it is aware of reports that exploits for these vulnerabilities exist in the wild. In other words, the bad guys are already using these bugs to attack Apple devices.
The updates for iOS 14.2, iPadOS 14.2, and watchOS 7.1 also close these vulnerabilities; tvOS 14.2 has security fixes but apparently isn’t vulnerable to these particular bugs. Needless to say, whatever operating system version you’re using, if there’s an update to address these vulnerabilities, we encourage you to install it sooner rather than later.
Once you install the macOS Catalina 10.15.7 Supplemental Update, macOS will have the build number 19H15, which you can verify by choosing About This Mac from the Apple menu and clicking the version number.
Note that iOS 13 and iPadOS 13 did not receive any updates for these vulnerabilities, presumably because Apple expects those users to upgrade to iOS 14.2 and iPadOS 14.2. Given the lack of updates for them, we also presume that 10.14 Mojave and older versions of macOS aren’t affected by these vulnerabilities.