Latest Apple OS Updates and Changes to Apple Intelligence – Intego Mac Podcast 381
Posted on
by
Kirk McElhearn
Apple operating system updates bring a bevy of patches and some changes to Apple Intelligence. Should you worry about vulnerabilities discovered in Apple’s M-series chips. Apple’s Next Generation CarPlay is late. And the latest adoption rates for current Apple operating systems tell us who is using which devices and for how long.
- CVE-2025-24166
- How to turn off Apple Intelligence on your iPhone, iPad, or Mac
- Apple chips can be hacked to leak secrets from Gmail, iCloud, and more
- Apple reveals iOS 18 usage data for the first time
- Apple Removes ‘2024’ Timeframe From Next-Generation CarPlay Page
- Time to Delete? The Most Invasive Apps List Includes Some of Your Favorites
If you like the Intego Mac Podcast, be sure to follow it on Apple Podcasts, Spotify, or Amazon.
Intego Mac Premium Bundle X9 is the ultimate protection and utility suite for your Mac. Download a free trial now at intego.com, and use this link for a special discount when you’re ready to buy.
Get Apple security news delivered straight to your inbox, for free. Intego’s twice-monthly newsletter will keep you informed about Apple-related privacy and security, along with tips and tricks for getting the most out of your Mac or iPhone. Subscribe for free—no strings attached.
Transcript of Intego Mac Podcast 381
Voice Over 0:00
This is the Intego Mac podcast—the voice of Mac security—for Thursday, January 30, 2024. This week’s Intego Mac Podcast security headlines include: Apple operating system updates bring a bevy of patches and a few more things you need to know about Apple Intelligence. Researchers find vulnerabilities in Apple’s M series chips. Is it anything to worry about? Apple’s Next Generation CarPlay was supposed to be available in new car models by now, and that didn’t happen. The latest adoption rates for current Apple operating systems have been calculated, and the findings tell us who is using which devices and for how long. Now here are the hosts of the Intego Mac podcast. Veteran Mac journalist Kirk McElhearn and Intego’s chief security analyst, Josh Long.
Kirk McElhearn 0:53
Good morning, Josh, how are you today?
Josh Long 0:57
I’m doing well. How are you, Kirk?
Kirk McElhearn 1:01
I’m doing okay. We have a bunch of news this week. A lot of it has to do with updates to Apple’s operating systems, and there were actually some serious vulnerabilities in this latest batch of updates.
Did Apple submit and then remove a patched vulnerability at cve.org?
Josh Long 1:09
Yeah, these are pretty big updates. They did include an actively exploited vulnerability, which we’ll talk about in a second. But yeah, first of all, the number of vulnerabilities patched in macOS was pretty significant. As of Monday, when these updates were released, it showed that there were 61 vulnerabilities patched for macOS and 29 vulnerabilities patched for iOS and iPadOS. Now those numbers have actually changed a little bit. I noticed as I was loading these pages today that those numbers are now 60 and 28.
Kirk McElhearn 1:43
So did they use invisible ink for one of them?
Josh Long 1:47
Well, thankfully, I still had the page pulled up from the other day in a different browser tab. So I went through the pages side by side and figured out which vulnerability numbered vulnerability they removed in the update. And so this is CVE 2025, 241, 66 the description that Apple had given previously for this vulnerability was that processing maliciously crafted web content may lead to an unexpected process crash. This issue was addressed through improved state management, and they credit a Google Project Zero researcher for this vulnerability. Now this seems to have been removed on Tuesday, so it’s unclear exactly what happened here. If you go to the National Vulnerability Database, they say that Apple rejected this CVE or withdrew it. So I’m not exactly sure whether that means that maybe Apple accidentally said that they patched this and then realized later, oops, we actually didn’t patch this one yet, and so they pulled it, and maybe they’ll give it a different CVE number when they re released this, or when they actually fix this in the next version. That’s my working theory. I don’t know why else Apple might have decided to pull this CVE number and remove it from the list.
Kirk McElhearn 3:06
Cve.org explains what happens if a CVE record is marked rejected. It says possible examples included being a duplicate CVE record, it being withdrawn by the original requester, which in this case is Apple, it being assigned incorrectly, or some other administrative reason. Now we’ve been doing this podcast for more than seven years, and I don’t remember you ever pointing this out, and this is like such a Josh thing to find that there’s a CVE that was there on release and it’s not there anymore.
Josh Long 3:33
Yeah, so I will reach out to the researcher just to see if he has any idea what might have happened here. But as of right now, when we’re recording this, we don’t know why, but in any case, 60 vulnerabilities is still a lot, so make sure that you install these patches. And by the way, it’s more than just macOS and iOS. This is all Apple operating systems. So make sure that you install the latest updates on all of your Apple devices.
Kirk McElhearn 4:00
Including your Vision Pro.
Josh Long 4:02
Including Vision Pro, Apple TV, even your Apple Watch.
Kirk McElhearn 4:05
But there were a lot of vulnerabilities for Vision Pro because of all the shared code here.
Josh Long 4:09
Yeah, there were 20 vulnerabilities that Apple patched for vision OS version 2.3 as well. So yeah, that’s true. A lot of the same vulnerabilities that apply to one Apple operating system also apply to other Apple operating systems as well. So you there because of that shared code and shared apps, they basically behave in very similar ways. So you’ll find that happens a lot.
Did Apple neglect to patch an exploited vulnerability for over a year?
Kirk McElhearn 4:33
Okay, I want you to tell me about CVE 2025, 24085, which Apple claims was exploited before iOS, 17.2 now, either that’s a typo and they meant 18.2 or if it’s 17.2 that means more than a year ago it was exploited, and Apple only got around to fixing it. Now, right?
Josh Long 4:52
So this version of iOS that they mentioned there was released in December 2023 so if it was exploited before. Sure that, then, yeah, over a year ago, that this was actually exploited in the wild, which sort of suggests that what might have happened here is that maybe some research group discovered that this vulnerability might have been used along with Pegasus, or some other vulnerability that was maybe used in a chain by by some group. So just now, some researcher discovered, oh yeah, also, this thing had been used in the wild as part of an exploit chain, and so Apple needs to patch this as well. Apple does not credit any particular researcher. Interestingly enough, usually they’ll say who reported this vulnerability to Apple. So either Apple’s own researchers discovered this, or the person decided to remain anonymous, it’s more likely that this actually came from Apple, because you’ll notice, if you look through the list, that there are some others that say reported by an anonymous researcher. This one doesn’t give any credit, so presumably, Apple actually discovered this one and decided to patch it. It’s just funny that there is such a huge gap, like we’re talking 2023 this vulnerability was exploited, and just now Apple’s discovering this and in 2025 and patching it. That seems very weird.
What’s new with Apple Intelligence?
Kirk McElhearn 6:18
Okay, so these were dot three updates. And we’ve explained the dot digit updates are the major updates, and the dot digit, dot digit, so 18 point 2.1, etc. They’re minor updates. And there are major new features in here with Apple intelligence. Actually, there aren’t really any that important. But one of the notable things is that, up until now, if you had a device that would support Apple intelligence, you would have to turn on Apple intelligence, because, well, technically, it’s still a beta, right? And you were making the choice to use this software. And in fact, when you look at the Apple intelligence settings on an iPhone, let’s see one more. One more. You know, it doesn’t say it’s a beta here anymore. That’s kind of interesting. It used to so with the 18.3 update, it’s automatically turned on. Before you had to choose to turn it on. Fact, early on, if you were running a beta, you had to join a waiting list, which could be very quickly to get access to it. So now it’s on even if you don’t want it. So if you don’t want to use Apple intelligence, you can turn it off. I’ll link to an article on the Intego Mac security blog where we explain how to turn it off. One advantage of this is you’ll save at least six gigabytes of storage on my iPhone. I think it says it’s 6.16 gigabytes. But a colleague wrote an article saying you can save about seven gigabytes, which means that maybe when you turn off Apple intelligence, it deletes the apple intelligence software, plus some other files, like cache files. So if you don’t have a lot of storage on your device, particularly an iPhone, and you don’t want to use Apple intelligence, you can just turn it off and save all that space. One of the big changes for Apple intelligence, 18.3 15.3 etc, is we’ve talked in recent episodes about these notification summaries that were, I don’t know, laughable sometimes because they were so wrong, they would say things that were totally out of context. Apple has disabled AI summaries for notifications for the news and entertainment categories. So news category is pretty obvious, right? Entertainment, it’s kind of vague, because if I look on my iPhone, Disney, plus it’s been It’s listed as temporarily unavailable. The Music app, the same thing, so no steam and the Xbox app, they’re all temporarily unavailable. Now we know why the news notifications have been disabled, because a lot of news organizations, notably the BBC, complained to Apple about erroneous notifications, but I don’t understand why entertainment would be disabled.
Josh Long 8:54
Yeah, that one’s puzzling to me, too. Kirk and I were comparing our devices, and I noticed that on mine, I don’t have everything selected by default, so I have not gone through and manually changed which apps give me notification summaries somehow, the only ones that are enabled on mine are ones from the news and entertainment categories, ironically, which, of course, now are not going to get notification summaries in 18.3 and for both of us on our Macs, we had every app that’s installed notification summaries is enabled by default. So that’s kind of weird. Kirk found that everything was just enabled. However, now there’s this additional note in iOS 18.3 underneath any apps from the news or entertainment categories that it’s temporarily unavailable.
Kirk McElhearn 9:48
You also need to know where to find this setting, because you would expect to find this in the Apple intelligence and Siri settings, but it’s not. It’s in notifications. And then there’s a entry that says, summarize notifications. You can choose. Used to turn it on or off, and one thing I noticed that didn’t exist with 18.2 is the following four words. Summaries may contain errors. Now, I paid 1200 pounds for this phone made by a company worth $3 trillion with decades of experience, and they’re telling me that this computer makes mistakes. I’m at all. I’m not at a loss for words, because I’ll keep talking, but I just find this stunning that they would say this before. They were saying that it was in beta, and now they’re not saying this is in beta and it may make errors, or some summaries may not be correct, if summaries may contain errors.
Josh Long 10:36
Yeah, and they did add this notice in the point three releases. They didn’t say that at all before, but maybe they’re kind of, they’re shifting the blame here now. Now, instead of saying the whole thing, all of Apple intelligence is in beta, they’re sort of implying that, well, okay, that one thing we know, we kind of have messed up a little bit there, and we’re not doing Apple quality work. So we’ll just point out this is an A an AI problem, not an apple problem, like, don’t, don’t blame it on us. This is just AI messing up. It’s sort of the implication.
Kirk McElhearn 11:10
There are a couple of other things that I notice I’m currently on my iMac that I haven’t yet updated. So I’m looking at the notes for the update, and Apple points out that summarize, notifications are in italic, and this is to indicate that if you see a notification italic, that’s mean, it may be wrong. And if you see one that’s not in italic, it’s probably correct, because it’s just the notification, the exact text of the notification, the other thing it says is that notification summaries for news and entertainment apps are temporarily unavailable, and users who opt in will see them again when the feature becomes available. Does that mean that they’re going to be turned off by default? Now we’ve been installing the various versions and a couple of betas over the month, so it’s on for us, but maybe for other people, it’s not on by default, and you have to turn them on. So in that case, go to your notification settings on either a Mac and iPad, iPad or an iPhone. Look for summarize notifications. If you want to get notifications that may contain errors, you can turn this feature on. What else was there in these updates? Josh, anything useful?
Josh Long 12:13
Well, yeah, I did want to mention that for both iOS and macOS, the calculator app now repeats the last mathematical operation when you click or tap on the equals sign again, so the same functionality that has been on every calculator for literally decades, we finally have on the calculator app that Apple releases, also on macOS Sequoia, we finally get Genmoji. We can create Genmoji Now on macOS Sequoia, 15.3 which, for some reason, was only on iOS and iPad. Os 18.2 not on macOS Sequoia, 15.2 so now we’ve got Genmoji creation capability on Mac.
Kirk McElhearn 12:57
I’m so excited. I might actually look at that sometime this year. All right, let’s take a break. When we come back, we’ll talk about apple chips that can leak secret we’ll talk about CarPlay that’s coming to your car in 2024 but it didn’t.
Voice Over 13:12
Protecting your online security and privacy has never been more important than it is today. Intego has been proudly protecting Mac users for over 25 years. And our latest Mac protection suite includes the tools you need to stay protected. Intego’s Mac Premium Bundle X9 includes Virus Barrier, the world’s best Mac anti-malware protection, Net Barrier, powerful inbound and outbound firewall security, Personal Backup to keep your important files safe from ransomware. And much more to help protect, secure and organize your Mac. Download the free trial of Mac Premium Bundle X9 from intego.com today. When you’re ready to buy, Intego Mac Podcast listeners can get a special discount by using the link in this episode’s show notes at podcast.intego.com. That’s podcast.intego.com and click on this episode to find the special discount link exclusively for Intego Mac Podcast listeners. Intego. World class protection and utility software for Mac users made by the Mac security experts.
Researchers discover vulnerabilities in Apple’s M-series chips.
Kirk McElhearn 14:23
Okay. Every once in a while, we get these vulnerabilities that affect hardware, that affect the actual CPU chips in devices, and we have two new ones. And, you know, we’re used to all these weird names, like, what was the funny badger and whatever a couple weeks ago, you know, names from malware, and this time, it’s really easy. We got Slap and Flop. Tell me about Slap and Flop. And do I have to worry that these are going to leak secrets from Gmail, iCloud and more as Ars Technica’s?
Josh Long 14:53
Yeah. So these are newly discovered or published about vulnerabilities, and they’re more akin to. Spectre and Meltdown, if you remember those from back in the day. So these were speculative execution vulnerabilities, and there have been many, many others since then, talked about some of them on the podcast in the past. And this is a whole class of vulnerabilities, and the short version of what exactly speculative execution is, is essentially designers of these processors are always looking for ways that they can make them faster. And speculative execution is a feature that allows a chip to try two different things at the same time. So depending on the path that it needs to have gone down, it’s already done that calculation, and it might try two things at once and then just discard the one that it didn’t actually need. And it does this to save time and speed up processing by kind of going ahead and making some assumptions about what might happen next. So that’s essentially what speculative execution is. And because it’s kind of important to processor speed. It’s on in basically every modern chip, and this is both Intel chips as well as Apple silicon chips, like you find in Macs and iPads and and even the A Series chips that are in iPhones as well. So slap and flop are two particular newly discovered speculative execution vulnerabilities. Slap affects the m2 and a 15 and later versions of apple chips. Flop affects m3 and a 17 chips and later. So basically, if you have a Mac or an iPhone or iPad that came out since these chips were released, it is vulnerable to attack currently. Now these are very theoretical attacks. Like, yes, it is possible. They’ve successfully exploited these in a lab environment. How practical are they to actually exploit in the real world. It’s pretty unlikely, based on the research that’s been published about them. You don’t really need to worry about these vulnerabilities for now, nobody’s known to exploit these in the wild. And Apple says regarding these vulnerabilities, based on our analysis, we do not believe this issue poses an immediate risk to our users, which is basically just saying they’re not in the wild. And so it’s probably one of the these things that Apple is not likely to patch unless it is exploited in the wild, and then maybe Apple will do something about it, because we’ve seen similar vulnerabilities in the past that Apple just kind of ignored and swept under the rug and never got fixed.
Kirk McElhearn 17:43
But if they do patch it, it’s going to slow computers down, right?
Josh Long 17:48
Well, there’s a good possibility of that with these particular vulnerabilities. I don’t know that for sure. The researchers did say that they published a list of mitigations or Well, or they will publish some of this research they haven’t fully released yet because they want people to come to their talks at a couple of upcoming conferences.
Kirk McElhearn 18:06
So this is like a trailer for a security conference.
Josh Long 18:11
Yeah, basically, so they say that there’s a list of mitigations that they’ve provided to Apple, and they believe that these mitigations will address the vulnerabilities that allow flop and slap attacks, and it’s up to Apple now to decide whether to implement any of these mitigations that the researchers have suggested.
Operating system adoption numbers for 2024 are in
Kirk McElhearn 18:32
Flop and Slap or Flap and Slop. These ones aren’t going to be very memorable. I guess this is better than “Hungry Badger”. But still, all right, it’s about this time of year that Apple releases information about the percentage of devices that are running the latest operating system and iOS 18 is on 76% of devices introduced in the last four years, similar to 2024, much lower than 2023 where it was 81% on the iPad. It’s different. It’s only 63% compared to 61% last year, compared to 53% in 2023 and I speculate that in 2023 there are a lot of people who had older iPads and who’ve upgraded in 2024 and 2025 because Apple had a big upgrade cycle last year with the iPad Pro, with m4 processor, the iPad Air, With m2 processor and the iPad Mini. So when you go back to 2023 there could be people who had the original iPad, which was just announced 15 years ago last week. Wasn’t it something like that?
Josh Long 19:31
Well, and people had been waiting for a while for a new Mini, right? If you wanted the smaller form factor and you didn’t really want to get an old iPad Mini that came out years ago, then you might have been waiting for a while for this new version of the iPad Mini. So I wanted to focus on a couple of other aspects to this, right? So there’s all for me, I always think of the security implications of these things. So if you consider that only 70. 6% of iPhone users today are on iOS 18. So that means that only 68% of all iPhone users are actually on iOS 18. And that means 32% of users are on some older version that is not getting all the patches, by the way, if you break this down further, which Apple doesn’t do, but there’s very few people probably who are on iOS 18 and have the latest patches installed that just came out this week, right? So that’s another thing to consider, too. Even those who have moved to iOS 18 may still be on 18.0 or 18.1 and they have a bunch of vulnerabilities that have yet to be patched on their device because they just haven’t updated to the latest version yet. So if you think about that, that means that there’s tons and tons of people who have exploitable vulnerabilities, some of these even actively exploited vulnerabilities that have since been patched, that they have not yet patched on their devices. That’s kind of concerning. I feel like this should be a wake up call for some people who are hanging behind on older operating systems.
Next Generation CarPlay fails to make an appearance
Kirk McElhearn 21:13
Yeah, when you look at it this way, it means three quarters of people are on iOS 18. But as you said, we don’t know which version of iOS 18 and only two thirds of all devices are on iOS 18. So there is a huge attack surface of people running older versions of the operating systems. It’s entirely possible that a lot of people didn’t upgrade to iOS 18 because they saw Ooh, Apple intelligence. I can’t use it on my phone. So why should I upgrade? Although the number is the same as last year with iOS 17. But when you look at iOS 16 with 81% that’s a big difference. From 81 to 76 it’s a big drop. Most people don’t care, right? I mean, we are worried about this, but most people don’t care about this stuff. So if you’re listening to this podcast, you’re up to date. You’ve probably got to dot three updates anyway. We want to talk about the Next Generation CarPlay that would arrive in 2024 we’re at the end of January, 2025 and finally, Apple has updated its website to remove that 2024 date from the page. You know, I look at this Next Generation CarPlay in the screen and the photos, screenshots that Apple shows, and my car can’t display all that stuff, so I don’t really care about it. I mean, I would prefer that my CarPlay is slightly improved, but this is like you need cars with huge dashboards to put all this stuff on. I’m not I’m not sure if the Next Generation CarPlay is the CarPlay for every version of car that can display CarPlay with your standard display, or only the version for those with the extra displays. We’ll link to the article on Mac room was about this where they show a photo of a car, and they have, like, on the dashboard this car wide display with way too much stuff. I mean, I don’t want to see that much stuff when I’m driving. And then below it, the standard display you have in a normal screen in a car, right?
Josh Long 22:55
It is potentially very distracting, which maybe an issue that they’re working to resolve. I don’t know. I assume that what they’re showing here is like a concept of, here are some of the types of widgets that you could have on your Next Generation CarPlay dashboard, right? And by the way, car manufacturers have been showing off similar, you know, panels where the display goes from one end of the car to the other for a couple of years now, once again, there were a lot of concept cars being shown off at CES in January, just like last year, where they had a similar display like this. And so we can anticipate that whether it’s CarPlay or not, there are car manufacturers that really want to have something like this. Now, I think where this is actually is a little bit more practical is for things like maybe you want your passenger to be able to control the music or pull up a map or something like that. Maybe you don’t want that directly in front of you or directly to the side of you if you’re the driver, but you don’t mind if your passenger has access to certain things like entertainment apps and things like that. So maybe this could be practical for them. In any case, obviously, Apple missed its target by like, a year. So we don’t actually know when this is going to start being available in new cars, but at some point, Apple, I guess, will release Next Generation CarPlay.
How much personal information do your favorite apps know about you?
Kirk McElhearn 24:22
One could speculate that this was part of the Apple Car project that’s been abandoned, that this would have been the display in the Apple Car and, well, they would make the display available to others. I like how one of the photos is of a Porsche which is driving at 205 kilometers an hour. Don’t drive a 205 kilometers an hour anywhere. I mean this, you can do it in Germany on the autobahn, but that’s unsafe. What I would like, though, my car doesn’t do this, but the display in my car, you can cycle through a number of different displays of the way it shows information. I would like to customize that. I would like to get rid of most of the stuff that I don’t need. And. Of it much simpler. I would also like there not to be a little what would you call it? A button that you roll, which if you tap accidentally, it changes the display totally I find this totally useless in cars. I don’t like cars that much. So Okay, last story, this is going to be a quick one. There’s an article on PC mag which says, time to delete the most invasive apps. The list includes some of your favorites. And someone went through App Store listings and look at how much the apps declared they were collecting data and made a table of this one. Is this percent of your data shared with third parties? This one’s collected for developers, advertising or marketing, etc. They list, well, they list from one to 20. They’re ranked. It looks like about 25 or 30 apps, because for some of the ranks, there are more than one app. There’s two things to think here. One is, they’re collecting data, no matter what you use. Two, are we surprised? It’s gotten to the point where you just assume that every app is collecting data, and you know, there’s a way around that you can access a lot of these services in the browser. Now, there’s a lot of apps you can’t access in the browser. I’m thinking Uber, for example, I think that’s app only. Well, quickly go through the list, Facebook, Instagram, LinkedIn, Amazon, YouTube, X, all of these you can get in the browser. Google, Amazon, prime, video, Spotify, Snapchat, all of these you can get in the browser. There’s some you can’t google maps, because that’s, well, no, you can get Google Maps in the browser. Sorry. You can get Gmail. You can stream. So actually, you could just use your web browser with safaris protections and maybe an ad blocker, and avoid all of this stuff being collected about you.
Josh Long 26:39
Yeah. Potentially, there’s a whole bunch of potential problems with this, right? You don’t want to probably read too much into this data in this chart, because, for one thing, this is all based on what these apps have decided, or the app developers have decided to report to Apple. This is self reporting, right? So that could mean so the numbers could be higher. The numbers could be higher or lower than what the apps are actually doing for on the one side of things, maybe some of these developers have a team of lawyers that is reviewing all the categories and saying, oh, we need to make sure that we declare that we are doing this, whether or not they’re actually doing it just in case, they might, just in case, just in case, they might enable some functionality like that in the future. And on the other hand, you might have developers who are under reporting, maybe they didn’t understand the categorization, or they’re trying to be a little deceptive in how they’re reporting these things to Apple, and so they’ll say, Oh yeah, we don’t collect any data like that at all, but they actually are, and because this data is self reported, there’s a lot of room for errors in here. So I wouldn’t, I would not take this as gospel truth. This is just based on what these apps are reporting.
Kirk McElhearn 28:00
But again, you can access a lot of these through the browser. Now you can’t do Candy Crush Saga or Roblox through a browser, but most of these apps are available in a browser, and maybe it’s time to go back to the browser to use whatever Safari or whatever browser you want with the protections that they have, because this kind of data cannot all be collected through the browser.
Josh Long 28:24
Now, to be fair, some of these apps do include functionality that you can’t get on the web interface for some of these websites that correspond with the apps, but on the other hand, sometimes you actually do get extra benefits from accessing them via web browser. For example, if you’re using a third party browser, I’m not sure if this works in Safari, but for sure, if you’re using brave, for example, you can load YouTube and have it run in the background, which you have to pay for YouTube premium in order to listen to YouTube in the background. There are some fun little perks sometimes for using the web interface.
Kirk McElhearn 29:02
Okay, that’s enough for this week until next week. Josh, stay secure.
Josh Long 29:05
All right, stay secure.
Voice Over 29:08
Thanks for listening to the Intego Mac podcast. The voice of Mac security with your hosts, Kirk McElhearn and Josh Long. To get every weekly episode be sure to follow us in Apple podcasts or subscribe in your favorite podcast app, and if you can leave a rating, a like or a review. Links to topics and information mentioned in the podcast can be found in the show notes for the episode at podcast.intego.com. The Intego website is also where to find details on the full line of Intego security and utility software. intego.com.
