macOS 11.3.1
Mr. Macintosh (also: MacRumors):
Surprise!!! Apple just a new macOS Big Sur 11.3.1 Update. The release comes only one week after 11.3.
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved state management. CVE
[…]
Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
Description: An integer overflow was addressed with improved input validation.
Although it apparently addresses just these two vulnerabilities, it’s still 3.3 GB for an M1 Mac.
So... where are the Catalina and Mojave security updates for these actively exploited issues???
Previously:
Update (2021-05-05): Juli Clover:
Apple today released a new version of Safari 14.1 for macOS Catalina and macOS Mojave users, with the update introducing fixes for two WebKit vulnerabilities that were patched in macOS Big Sur yesterday.
5 Comments RSS · Twitter
More than three gigabytes for these two little security fixes, folks! Can it get any more absurd?
Can't help but reminisce about back in the Amiga days, when Workbench came on one floppy disk. This wee patch would take up more than three thousand of those plastic, metal and mylar containers (about a hundred pounds)…
As a point of comparison, on Windows 10, the monthly bugfix and security updates only take about 2 minutes from clicking Restart to seeing the desktop again. As much as Windows Update can be glitchy, somehow the experience manages to be better than macOS at this point.
I imagine two 3+ GB updates in the span of a week must be particularly annoying for the poor folks that have bandwidth caps.
I'm so punch drunk from Apple updates that I was thrilled that the Big Sur updates were "only" 3 GB!
Is Spotlight messed up in Big Sur? I'm having 2 problems... 1) The order of the results seems to be random now, instead of based on what I use / access most frequently and/or what result most closely matches the exact string that I type. And 2) Holding down the Command key no longer shows the path to the items in the result list. If fact, I can't see any way to differentiate similarly named items based on where they are on my disk until I actually click on it. This is so dumb.