Dec 16 2021

Apple security updates are out – and not a Log4Shell mention in sight

Category: Log4j,Security patching,Security vulnerabilitiesDISC @ 10:26 am

Amongst all the brouhaha about Log4Shell, it’s easy to forget all the other updates that surround us.

Not only is it Patch Tuesday (keep your eye on our sister site news.sophos.com for the latest on that score later in the day)…

…but it’s also time to check your Apple devices, because Apple just pushed out a slew of its they-arrive-when-they’re-ready-and-don’t-expect-any-warning security patches.

The updated versions you’re looking for are:

As for iOS 14 and iOS 12, which are the official previous and pre-previous iPhone operating systems (in the same way that Big Sur and Catalina are the previous incarnations of macOS), there’s no sign of any updates for them.

Observant readers will notice that the URLs in the list above form an unbroken numeric sequence except for a gap at HT212977, so whether that’s a space left open for a delayed update for iOS 14 or not we can’t tell you…

…but we did notice that Apple’s main security noticeboard page, HT201222, still [2021-12-14T12:00Z] doesn’t mention the updates listed above.

In the past, we’ve noticed an apparent correlation between delayed updates for individual platforms and delayed listings on HT201222, but we have no idea whether that is coincidence rather that true correlation, or a desire on Apple’s part to hold off updating the central listing until all the new versions can be displayed in one go.

(Apple, as you know, has an official policy of saying as little as possible about updates and update cycles, so we shall have to wait and see.)

What about Log4Shell?

Apple Device Management

MacOS and iOS Internals

Tags: Apple Device Management, Apple security updates