macOS 14.2.1
Juli Clover (release notes, security, developer, full installer, IPSW):
According to Apple’s release notes, macOS Sonoma 14.2.1 includes bug fixes and a security update. macOS 14.2.1 fixes a screen sharing vulnerability that could cause a user to unintentionally share the incorrect content.
See also: Mr. Macintosh and Howard Oakley.
Previously:
Update (2023-12-21): Howard Oakley (tweet):
If you run macOS virtual machines (VMs) on Apple silicon Macs using lightweight virtualisation, you may wish to avoid updating those VMs to macOS Sonoma 14.2 or 14.2.1 for the moment. If you do, then they will lose any shared folders they have previously used in 14.1.2 and earlier.
[…]
This also affects new VMs built using IPSW image files for 14.2 and 14.2.1: even though your virtualiser may configure shared folders without error, they aren’t made available when running that VM.
The other bug that I’ve seen reported, and reproduced on my Mac, is that pressing the Pause button in the Console app crashes it.
Update (2023-12-22): Howard Oakley:
Not all virtualisers automount shares in this way: VirtualBuddy is an exception, which still uses a single manually mounted share mounted using a script inside the VM. However, both Parallels Desktop and my apps (Viable and Vimy) rely on automounting, thus they lose their shares in 14.2 and 14.2.1.
[…]
I’m extremely grateful to Dan for providing the workaround to manually mount the share. Unfortunately, you need to do this every time that VM is started up, as there’s no straightforward way to make this persist between boots.
[…]
This bug is fixed in the current beta of Sonoma 14.3, although that will most probably only re-enable shared folders in 14.3 and later, and might be unable to fix them in 14.2 or 14.2.1.
Update (2023-12-28): Martin Wierschin:
InfoClick initially had issues on macOS Sonoma; crashes during system text decoding could be triggered by certain email content. We don’t know exactly what content caused crashes, but Apple appears to have fixed it.
Craig Hockenberry (via Mr. Macintosh):
Don’t use Screen Sharing in macOS Sonoma 14.2.
It shares random windows in other Spaces with whoever is on the other end of the line. If you think your desktop is completely empty, it isn’t.
As you can see below, this could range from embarrassment to leaking private data.
I reported this about a month ago (FB13398611) and can’t believed it shipped. Same with the window manager bug in 14.1. I liked macOS better when point releases weren’t full of breaking changes without workarounds.
I ran this by Apple Security Research and their response was: “We’re unable to identify a security issue in your report.”
After macOS Sonoma 14.2 went out and I tooted about the Screen Sharing vulnerability, Apple folks quickly understood what I was trying to tell them with the FB and OE.
Good that Apple fixed it, but they should give him a bounty and investigate why the security team again blew off a real issue.
