Security Updates for August 2022

At our August meeting, I mentioned that everyone should have their Mac (iPhone, iPad, Apple Watch, Apple TV, etc.) updated as soon as updates came out. Several individuals publicly or privately said they didn’t want to do that, saying the update interfered with what they were doing, or they preferred to do it later. The problem: the vast majority β€” as in “with few exceptions” β€” fail to get around to it “later,” and are one or more steps behind in doing updates.

As an example: one member recently had their data drive crash. This bothered, them, but not too much: they used Time Machine to constantly back up their Mac, and thought they could recover quite a bit of information by just recovering data from their Time Machine backup. Except: in examining the Time Machine backup drive, it had never been used. Ever. Nothing was written to it since the time it was formatted in 2017. And, of course, the Mac hadn’t had a security update since 2017, either.

Save yourself a lot of trouble and: have your Mac install updates as they come out. It is easy to do: go to System Preferences > Software Update, and check the box (if it isn’t checked already) for “Automatically keep my Mac up to date.”

Automatically keep your Mac up to date with security updates by making sure this check box is, in fact, checked.
Automatically keep your Mac up to date with security updates by making sure this check box is, in fact, checked.

As long as your Mac is awake and connected to the Internet, it will check periodically and install updates as needed.

Why mention this now: in August, Apple released a number of critical software updates, for Safari, for Apple Watch Series 3 (an older Apple Watch), for macOS Monterey, and for many iPhones and iPads, dating back to the iPhone 6, and even the 7th generation iPad touch. “Critical” in this case means: failing to install the update could compromise your Mac, Watch, iPad, or iPhone.

If you want to know when security updates come out, you can subscribe to a mailing list, run by Apple, that mails out notices. Apple maintains a number of mailing lists,

https://lists.apple.com/mailman/listinfo

and to subscribe to the Security Announce mailing list, go to this page,

https://lists.apple.com/mailman/listinfo/security-announce

Type in your email address in the space provided, and an optional password (there is no real need to enter a password), and press the button marked Subcribe,

Enter your email address and press the Subscribe button.
Enter your email address and press the Subscribe button.

That’s it. Apple will send you an email when they release a security update. But β€” you should still set your devices to update automatically.

And then there is Zoom

Unfortunately, Apple’s security updates only cover Apple software and hardware. SMUG uses Zoom for meetings, and Zoom, while relatively easy to use, has a very checkered past when it comes to security β€” and privacy. Most users never bother to update Zoom, and have never gone through the (extensive) preferences to make sure their individual security and privacy are protected. Many Zoom updates are released to fix stability and usability problems, but quite a few address critical security issues, such as one released in mid-August. You can read about it here:

https://www.macworld.com/article/832415/zoom-flaw-root-access-update-5-11-6.html

As an ironclad rule, you should check for a Zoom update every time you launch Zoom. Every time. Sometimes, Zoom will have more than one update a day, which means: every time you launch Zoom, check for an update.

In theory, you can have Zoom automatically check for updates in the Zoom preferences,

Check the box to have Zoom automatically update itself.
Check the box to have Zoom automatically update itself.

However, even when the box is checked, performing a manual check sometimes finds a new update.

Perform a manual check for updates, and install them, every time you launch Zoom.

One thought on “Security Updates for August 2022

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.