Posted September 25, 2020
Apple has released its first update round to iOS 14, just over a week after the new mobile operating system was first released to the public. In addition, there were updates to macOS, iPadOS, tvOS and watchOS as well.
iOS 14.0.1 and iPadOS 14.0.1
These updates were obviously more about performance than security, since the release notes did not include any published CVE listings.
The most prominent issue with iOS 14 and iPadOS 14 had to do with the behavior of user-selected standard email and browser apps. Both iOS 14 and iPadOS 14 allow users to choose their own default email and browser apps, but last week it seemed that this feature did not work properly for some people: Their devices kept going back to Mail and Safari every time they was restarted. iOS 1
In addition, the updates fix two UX issues that some people had with their devices. Some users could not see camera previews on older iPhones models (iPhone 7 and iPhone 7 Plus), and others noticed that photos did not appear in the News widget (on both iPhones and iPads). These issues have now been fixed.
Finally, the update resolved two bugs that prevented some users from sending emails and connecting to Wi-Fi networks.
If you do not have automatic updates enabled, go to Settings > General > Software update to find the updates.
macOS 10.15.7 (and related High Sierra and Mojave updates)
Apple also released some macOS updates such as macOS 10.15.7 (Catalina) and the related 2020-005 High Sierra security update and the 2020-005 Mojave security update.
First up: It was a solution to the Model I / O framework, which is how macOS provides important functionality to 3D modeling software. Apple’s notes suggest that a maliciously crafted Universal Scene Description (USD) file – a file format created by Pixar Animation Studios – may have resulted in a crash or even code execution on a Mac. This vulnerability affected Catalina, Mojave and the High Sierra, and has now been patched.
In addition, Apple addressed a sandbox problem (one that also affected all three operating systems). Sandboxing refers to a macOS security feature that limits the access and resources available to individual macOS apps. The idea is that if an app should be compromised, at least the damage would be something contained, because the app still would not have unhindered access to the system as a whole. When there is an issue with app sandboxing, a malicious app may still have access to restricted files: definitely not a good thing! These updates eliminate this vulnerability in sandboxing.
There was also an update for an issue with ImageIO, the macOS framework that allows apps to read and write image files in various formats. Apple says it addressed a vulnerability that could have allowed an attacker to use a malicious image to execute code on a target system. This solution only applies to macOS Mojave and macOS High Sierra.
Finally, Apple fixed an issue in Mail that could have allowed a remote attacker to interfere with the application; High Sierra was the only affected macOS version.
In addition to the security updates, macOS 10.15.7 Catalina also received some general bug fixes, addressing issues that some users had when trying to automatically connect to Wi-Fi networks, issues with syncing files via iCloud Drive, and a graphics issue on some recent iMacs.
If you have not enabled automatic updates for your Mac, you can find updates in macOS Catalina or macOS Mojave by going to Apple menu > System selection > Software update. If you see an update waiting to be installed, just click Update now.
On macOS High Sierra you can update by starting App Store app and click Updates in the toolbar. If there are any updates available, you will see them here; just click Update button to install.
watchOS 7.0.1 and tvOS 14.0.1
There was no major updates to these two operating systems, and the updates did not contain any security content. watchOS 7.0.1 solved an issue that users had with the Wallet app (some cards were disabled for some users). Apple did not release any specific update notes for tvOS 14.0.1, saying only that the update included “overall performance and stability improvements”, indicating that any changes here were likely to be very small.