On Monday, Apple released security updates for macOS Big Sur and macOS Catalina. But strangely, Apple did not provide a single detail about which security issues were addressed in the updates.
Here’s what little we know about the latest macOS updates.
On Apple’s “What’s new in the updates for macOS Big Sur” page, Apple simply states of macOS Big Sur 11.6.4:
This update is recommended for all users and improves the security of macOS.
(Apple no longer updates its “What’s new in the updates for macOS Catalina” page, so there is no specific statement there about the corresponding update, Security Update 2022-002 Catalina.)
Usually, Apple provides details about security fixes at its “Apple security updates” page.
This time around, however, Apple is — at least so far — staying silent about what the latest updates include.
Apple offers no CVE details for macOS Big Sur 11.6.4 or Security Update 2022-002 Catalina.
Instead, Apple simply states that “This update has no published CVE entries” for both updates. Vulnerabilities often have CVE numbers assigned to them to help researchers identify whether the same security issue affects multiple products.
It is extremely rare for Apple to issue a security update without referencing any CVE numbers. In fact, this is the first case we could find where Apple published a security-only update for macOS that did not include a single CVE reference in its security release notes.
We have reached out to Apple for comment. If Apple responds, we’ll update this article to include the company’s statement.
One thing we can assume that the two updates do not include is a fix for the WebKit vulnerability that was already included in last week’s Safari 15.3 update for both Big Sur and Catalina. Apple specifically named that vulnerability as CVE-2022-22620.
Apple fixes active zero-day vuln with macOS 12.2.1, iOS 15.3.1, Safari 15.3
You can get the latest macOS version that’s compatible with your Mac by clicking on Apple menu > System Preferences… > Software Update.
If your Mac’s operating system hasn’t been updated for several years and it’s running macOS High Sierra or older, look for macOS Monterey in the App Store and download it from there.
Ideally, if your Mac is compatible with macOS Monterey, you should update to Monterey rather than merely installing this week’s Big Sur or Catalina security update.
Although Apple continues to release some security updates for macOS Big Sur and macOS Catalina, Apple does not patch every security issue for these older macOS versions; see Apple’s Poor Patching Policies Potentially Make Users’ Security and Privacy Precarious.
Apple’s Poor Patching Policies Potentially Make Users’ Security and Privacy Precarious
When backing up your Mac, it’s ideal to follow a “3-2-1 backup strategy,” and occasionally verify that your Mac is backing up successfully.
Data Backup Plan: How to Implement the 3-2-1 Backup Strategy
You can also subscribe to our e-mail newsletter and keep an eye here on The Mac Security Blog for the latest Apple security and privacy news. And don’t forget to follow Intego on your favorite social media channels: 
