Along with the official release of macOS Big Sur 11.0 on the 12th of November, Apple also released its update for the same versioned 11.0.1. Though it comes preinstalled in certain Mac models, it might not be there in others. The company has advised all its users to update their devices to this latest version at the earliest.
The update is supposed to solve major vulnerabilities of the 60 vulnerabilities announced recently. A lot of these vulnerabilities were already patched before the release of Big Sur 11.0.1. These included three actively exploited vulnerabilities that were affecting the kernel & FontParser components.
What does the macOS Big Sur Update fix?
The released update for macOS Big Sur 11.0.1 is supposed to provide a patch for up to 60 vulnerabilities that were discovered. Of these, Google Project Zero reported the actively exploited flaws to Apple. These flaws could potentially lead to arbitrary code execution & information disclosure. They were gaps in the security which could impact certain versions of iOS & tvOS.
Besides these, Big Sur 11.0.1 fixed more vulnerabilities that affected various components of the system. These components include – App Store, CoreGraphics, CoreText, CoreCapture, CoreAudio, Bluetooth, FontParser, Foundation, the Kernel, ImageIO, NSRemoteView, PCRE, Python, Quick Look, Sandbox, Safari, SQLite, Webkit, Wi-fi, Xsan and more.
Exploiting these vulnerabilities would allow malicious attackers to control various aspects of the system. They could harm the system in a number of ways including, privilege escalation, gain access to restricted files & memory, spoof the address bar in Safari, bypass protections, corrupt data (SQLite) and perform DoS attacks & MitM attacks on the system. The latest update safeguards the system from all of these risks.
A week prior to this update, another security update was released for Safari. This solved the spoofing issue in the address bar along with a code execution flaw related to WebKit. The update also fixed the actively exploited vulnerabilities reported by Google Project Zero for macOS High Sierra and Mojave.
What is yet to be fixed?
Though the latest macOS update has fixed a number of vulnerabilities in the system, there are still a few problems that couldn’t be fixed yet. Applications on Big Sur can still bypass firewall & VPN connections. This issue was reported in last October by cyber-experts. Experts suggested that could be most likely be fixed by the time Big Sur is officially released.
Last Week, along with Big Sur, Apple also announced its first system-on-chip (SoC) called M1. It is designed specifically for the Mac. Apple has confirmed that M1 has been designed to specifically work with Big Sur. It will help improve battery life, security & performance of the device. Though not in through detail, Apple has announced the major features & security benefits of Apple M1.
With nearly 16 billion transistors, the M1 chip includes an 8-core CPU, an 8-core GPU and uses the 5nm technology. This is to deliver excellent performance without using too much power. The company has said that the chip only attempts to exchange security and ‘does not appear to contain any breakthroughs in terms of security.’
The M1 chip includes a high-performance storage controller with AES encryption hardware, hardware-verified secure boot & Secure enclave. New security protections have been used into the code execution architecture of M1.
With the release of the latest macOS Big Sur update & the M1 chip, Apple has yet again proved its profess in ensuring highest security for their users. By fixing the vulnerabilities, Apple has helped provide a more secure & risk-free environment for its users. But as we said, this update doesn’t solve everything. Only time will tell, what will be the next step in enhancing security with Apple.