For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
If the download is paused, click the Resume button next to the file in the list. To reveal a downloaded file in the Finder, click the magnifying glass to the right of its name in the downloads list. For solutions to other downloading problems, see If you can’t download an item from the web using Safari. TeXShop (v 4.44) Release (for Yosemite, El Capitan, Sierra, High Sierra, Mojave, and Catalina) TeXShop (v 3.65, and v 4.01) (for Lion, for Mavericks through El Capitan). MacOS 10.13.5, Security Update 2018-003 for Sierra/El Capitan (Jun 1, 2018) Info and downloads of updaters for macOS 10.13.5 and Security Update 2018-003 for macOS Sierra 10.12.6 and OS X 10.11.6 El Capitan. Also Safari 11.1.1 and Apple articles on the updates.
For more information about security, see the Apple Product Security page. Steam download mac os 10.8 os 10 8. You can encrypt communications with Apple using the Apple Product Security PGP Key.
Apple security documents reference vulnerabilities by CVE-ID when possible.
macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra
CVE-2018-4431: An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program
Kernel
Available for: macOS Sierra 10.12.6, macOS Mojave 10.14.1, macOS High Sierra 10.13.6
Pro tools 10 download mac trial software. Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2018-4447: Juwei Lin(@panicaII) and Zhengyu Dong of TrendMicro Mobile Security Team working with Trend Micro's Zero Day Initiative
Entry updated December 18, 2018
Kernel
Available for: macOS Sierra 10.12.6, macOS Mojave 10.14.1, macOS High Sierra 10.13.6
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved restrictions.
CVE-2018-4435: Jann Horn of Google Project Zero, Juwei Lin(@panicaII) and Junzhi Lu of TrendMicro Mobile Security Team working with Trend Micro's Zero Day Initiative
Entry updated December 18, 2018
Kernel
Available for: macOS Mojave 10.14.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved input validation.
CVE-2018-4461: Ian Beer of Google Project Zero
WindowServer
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2018-4449: Hanqing Zhao, Yufeng Ruan and Kun Yang of Chaitin Security Research Lab
CVE-2018-4450: Hanqing Zhao, Yufeng Ruan and Kun Yang of Chaitin Security Research Lab
Additional recognition
LibreSSL
We would like to acknowledge Keegan Ryan of NCC Group for their assistance.
NetAuth
Mac 2018-003 Won't Download Windows 10
We would like to acknowledge Vladimir Ivanov of Digital Security for their assistance.
Mac 2018-003 Won't Download Windows 7
Simple certificate enrollment protocol (SCEP)
We would like to acknowledge Tim Cappalli of Aruba and a Hewlett Packard Enterprise company for their assistance.
Time Machine
We would like to acknowledge Matthew Thomas of Verisign for their assistance.