List Of Mac Software Updates
- HP Utility is printer management software that installs with the full feature Mac print driver package. With it, you can check current printer status, view remaining ink levels, check network settings, and more. This document contains answers to the most frequently asked questions about HP Utility.
- Last chance to get 40% OFF PowerDVD 20! The best media player for home theater. 25% OFF Director Suite 365! The ultimate 4-in-1 creative editing suite.
macOS Big Sur elevates the most advanced desktop operating system in the world to a new level of power and beauty. Experience Mac to the fullest with a refined new design. Enjoy the biggest Safari update ever. Discover new features for Maps and Messages. And get even more transparency around your privacy.
Check compatibility
Garmin Support Center is where you will find answers to frequently asked questions and resources to help with all of your Garmin products.
macOS Big Sur is compatible with these computers:
MacBook introduced in 2015 or later
MacBook Air introduced in 2013 or later
MacBook Pro introduced in late 2013 or later
Mac mini introduced in 2014 or later
iMac introduced in 2014 or later
iMac Pro
Mac Pro introduced in 2013 or later
View the complete list of compatible computers.
If upgrading from macOS Sierra or later, macOS Big Sur requires 35.5GB of available storage to upgrade. If upgrading from an earlier release, macOS Big Sur requires up to 44.5GB of available storage. To upgrade from OS X Mountain Lion, first upgrade to OS X El Capitan, then upgrade to macOS Big Sur.
Make a backup
Before installing any upgrade, it’s a good idea to back up your Mac. Time Machine makes it simple, and other backup methods are also available. Learn how to back up your Mac.
Get connected
It takes time to download and install macOS, so make sure that you have a reliable Internet connection. If you're using a Mac notebook computer, plug it into AC power.
Download macOS Big Sur
If you're using macOS Mojave or later, get macOS Big Sur via Software Update: Choose Apple menu > System Preferences, then click Software Update.
Or use this link to open the macOS Big Sur page on the App Store: Get macOS Big Sur. Then click the Get button or iCloud download icon.
Begin installation
After downloading, the installer opens automatically.
Click Continue and follow the onscreen instructions. You might find it easiest to begin installation in the evening so that it can complete overnight, if needed.
If the installer asks for permission to install a helper tool, enter the administrator name and password that you use to log in to your Mac, then click Add Helper.
Allow installation to complete
Please allow installation to complete without putting your Mac to sleep or closing its lid. Your Mac might restart, show a progress bar, or show a blank screen several times as it installs both macOS and related updates to your Mac firmware.
Stay up to date
After installing macOS Big Sur, you will be notified when updates to macOS Big Sur are available. You can also use Software Update to check for updates: Choose Apple menu > System Preferences, then click Software Update.
Or get macOS Big Sur automatically
If you're using OS X El Capitan v10.11.5 or later and your App Store preferences or Software Update preferences are set to download new updates when available, macOS Big Sur will download conveniently in the background, making it even easier to upgrade. A notification will inform you when macOS Big Sur is ready to be installed. Click Install to get started, or dismiss the notification to install later. When you're ready to install, just open the file named Install macOS Big Sur from your Applications folder.
Learn more
- If the installer shows a list of apps that are not optimized for your Mac, learn about 32-bit app compatibility, then choose whether to proceed with the installation.
- For the strongest security and latest features, upgrade to macOS Big Sur. If you have hardware or software that isn't compatible with Big Sur, you might be able to install an earlier macOS.
- You can also use macOS Recovery to reinstall the macOS you're using now, upgrade to the latest compatible macOS, or install the macOS that came with your Mac.
Yesterday, seven Dnsmasq vulnerabilities were disclosed, collectively known as DNSPooq, that attackers can use to launch DNS Cache Poisoning, denial of service, and possibly remote code execution attacks, on affected devices.
Dnsmasq is a widely used open-source Domain Name System (DNS) forwarding application commonly installed on routers, operating systems, access points, and other networking equipment.
Vendors have started to release information on how customers can protect themselves from DNSPooq. To make it easier to find this information, BleepingComputer will be listing security advisories as they are released.
The related CVEs from JSOF's DNSpooq advisory are listed below, along with their descriptions.
| Name | CVSS | Description |
|---|---|---|
| CVE-2020-25681 | 8.1 | Dnsmasq versions before 2.83are susceptible to a heap-based buffer overflow in sort_rrset() when DNSSEC is used. This can allow a remote attacker to write arbitrary data into target device’s memory that can lead to memory corruption and other unexpected behaviors on the target device. |
| CVE-2020-25682 | 8.1 | Dnsmasq versions before 2.83 are susceptible to buffer overflow in extract_name() function due to missing length check, when DNSSEC is enabled. This can allow a remote attacker to cause memory corruption on the target device. |
| CVE-2020-25683 | 5.9 | Dnsmasq versions before 2.83 are susceptible to a heap-based buffer overflow when DNSSEC is enabled. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in get_rdata() and cause a crash in dnsmasq, resulting in a Denial of Service. |
| CVE-2020-25687 | 5.9 | Dnsmasq versions before 2.83are vulnerable to a heap-based buffer overflow with large memcpy in sort_rrset() when DNSSEC is enabled. A remote attacker, who can create valid DNS replies, could use this flaw to cause an overflow in a heap-allocated memory. This flaw is caused by the lack of length checks in rfc1035.c:extract_name(), which could be abused to make the code execute memcpy() with a negative size in sort_rrset() and cause a crash in dnsmasq, resulting in a Denial of Service. |
| CVE-2020-25684 | 4 | A lack of proper address/port check implemented in dnsmasq versions |
| CVE-2020-25685 | 4 | A lack of query resource name (RRNAME) checks implemented in dnsmasq’s versions before 2.83 reply_query function allows remote attackers to spoof DNS traffic that can lead to DNS cache poisoning. |
| CVE-2020-25686 | 4 | Multiple DNS query requests for the same resource name (RRNAME) by dnsmasq versions before 2.83 allows for remote attackers to spoof DNS traffic, using a birthday attack (RFC 5452), that can lead to DNS cache poisoning. |
BleepingComputer suggests checking this page throughout the coming days to see if new information is available for devices you may be using.
For more detailed information about the DNSpooq vulnerabilities, you can read the articles below:
Official Advisories, Notices, Patches, or Updates:
Below is a list of DNSPooq/dnsmasq advisories released by different vendors. The CERT Coordination Center is also maintaining a list of advisories shared with them.
If you are a vendor with an advisory or notice, please contact us to have your information added.
Last Updated: 01/20/21
Arista
Arista's advisory states that the DNSPooq vulnerabilities affect 'all EOS products including the 7xxx and 7xx Series switches and routers, and all CloudEOS packaging options.'
Arista has released updates that resolve the vulnerabilities and a hotfix if upgrading is not feasible at this time.
Cisco
Cisco released an advisory stating that 55 products and services are affected by the dnsmasq vulnerabilities. While updated software is already available for some products, many affected devices will not have fixes until February and March.
Users can find a full list of affected products and when patches will be available in the advisory.
DNSMasq
Simon Kelley, the maintainer of DNSpooq, has posted an advisory to the Dnsmasq-discuss mailing list. This advisory advises all dnsmasq users to upgrade to version 2.83 to resolve the vulnerabilities.
Their complete advisory is below.
'There are broadly two sets of problems. The first is subtle errors in dnsmasq's protections against the chronic weakness of the DNS protocol to cache-poisoning attacks; the Birthday attack, Kaminsky, etc. The code is now as secure as it can be, given that the real solution to this is DNSSEC, both endpoint validation and domains actually signing. This is covered by CVE-2020-25684, CVE-2020-25685 and CVE-2020-25686.
Unfortunately, given the above, the second set of errors is a good old fashioned buffer overflow in dnsmasq's DNSSEC code. If DNSSEC validation is enabled, an installation is at risk. This is covered by CVE-2020-25681, CVE-2020-25682, CVE-2020-25683 and CVE-2020-25687.
Many, many people have worked over a considerable period to find these problems, fix them, and co-ordinate the security response. They are named in JSOF's disclosure, but special mention should go to Shlomi Oberman, Vijay Sarvepilli, Petr Menšík, and Dan Schaper.'
OpenWRT
OpenWRT has released an advisory explaining how you can upgrade your dnsmasq package to resolve the vulnerability using the following command:
More details on how to verify if the upgrade completed successfully can be found in the advisory.
The advisory also provides configuration-based mitigation if you are unable to upgrade your router at this time.
Netgear
Netgear has released an advisory stating that the following products are vulnerable to the DNSPooq dnsmaq vulnerabilities:
- RAX40 running firmware versions prior to v1.0.3.88
- RAX35 running firmware versions prior to v1.0.3.88
Netgear owners can download updated firmware for these products from the NETGEAR Support section.
Red Hat
Red Hat released an advisory today offering mitigation advice for various versions of Red Hat Enterprise Linux.
It is possible to mitigate the vulnerabilities in Red Hat 8.3 using dnsmasq configuration options. However, earlier versions require you to update the dnsmasq package.
List Of Mac Software Updates In Order
Siemens
Siemens has released a security advisory that states the RuggedCom RM1224 and various Scalance versions are affected by the DNSPooq vulnerabilities.
List Of Mac Software Updates
Updates are not available yet, but Siemens has provided mitigations that can be applied to the devices to reduce the risk.
Sophos
Sophos' advisory states that their Sophos RED product is affected by the DNSPooq vulnerability. Sophos states that updated Sophos RED firmware for XG Firewall and SG UTM will be available soon.
List Of Mac Software Updates In Order
Synology
Synology has released a security advisory stating that their DiskStation Manager (DSM) and Synology Router Manager (SRM) operating systems are only vulnerable to the DNSPooq DNS cache poisoning vulnerabilities (CVE-2020-25684, CVE-2020-25685 and CVE-2020-25686).
'None of Synology's products are affected by CVE-2020-25681, CVE-2020-25682, CVE-2020-25683 and CVE-2020-25687 as these vulnerabilities only affect when DNSSEC is compiled,' Synology's advisory explains about the other vulnerabilities.
The vulnerabilities in SRM 1.2 are resolved in version 1.2.4-8081-2 or above. A fix is not available yet for DSM 6.2.
Mac Software Versions
Ubuntu
Ubuntu has issued an advisory listing available packages for Ubuntu 16.04, 18.04, 20.04, and 20.10 that resolve the vulnerability.
It should be noted that 'after a standard system update you need to reboot your computer to make all the necessary changes.'
Related Articles: