macOS 15.1.1

Juli Clover (release notes, security, no enterprise, no developer, full installer, IPSW):

According to Apple’s release notes, macOS Sequoia 15.1.1 includes security fixes.

Juli Clover:

With the JavaScriptCore vulnerability, processing maliciously crafted web content could lead to arbitrary code execution. The WebKit vulnerability had the same issue with maliciously crafted web content, and it could lead to a cross site scripting attack.

Apple says that it is aware of reports that these two issues may have been actively exploited on Intel-based Mac systems. While the vulnerabilities are only known to have impacted older Macs, other devices are vulnerable to attack because they have the same security flaws.

I’m not sure why, but this seemingly minor update took way longer than other recent ones to install on my Intel MacBook Pro—probably close to an hour, with the fans blaring for most of that time.

Jeff Johnson:

Getting an Apple Intelligence modal ad after installing macOS 15.1.1

Also, 15.1.1 wants me to store all my files in iCloud, enabled by default, WTF?!?

For me, it didn’t change anything with iCloud Drive, and (on a Mac that doesn’t support Apple Intelligence) it didn’t show any onboarding screens at all. I had gotten used to being asked to sign into iCloud again.

Previously:

• macOS 15.1

Update (2024-11-22): Ryan Naraine (via Hacker News):

Raw details on the patched vulnerabilities:

• CVE-2024-44308 — JavaScriptCore — Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

• CVE-2024-44309 — WebKit — Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

iCloud Drive Mac macOS 15 Sequoia macOS Release

2 Comments RSS · Twitter · Mastodon

---

---

Leave a Comment

Name

E-mail (will not be published)

Web site

Δ