Security Update 2020-005 (Mojave and High Sierra)

Originally published at: Security Update 2020-005 (Mojave and High Sierra) - TidBITS

Patches security vulnerabilities in Apple’s last two operating systems. (Free, various sizes)

1 Like

Security Update 2020-005 High Sierra fixed a bad bug. The release note doesn’t say anything about it, but I observed the following change on my 2017 iMac 5K running macOS 10.13.6 High Sierra:

In July 2020, I installed Security Update 2020-004, 10.13.6 High Sierra (17G14019). After that, if my iMac sleeps and then wakes up, at first it works fine, but after a few minutes, Internet connection disconnects itself. The PPPoE menubar icon shows the disconnected status, and if I use that menu and select the ‘connect PPPoE’ item, it tries to connect, but fails. The only way to connect to the Internet was to open System Preferences, open Network pane, select ‘PPPoE’ from the sidebar, and then click the ‘Connect’ button. Then the Internet connection (Fiber-optic connection by a Japanese ISP) would come back. But then if my iMac sleeps and wakes up, the same thing would happen again.

This was the situation with Security Update 2020-004. (I had NEVER seen the problem before that.)

On Friday (September 25, Japan Time) Security Update 2020-005 High Sierra (17G14033) came out. I installed it. After that, now that 50 hours have passed, but the problem never occured again. Internet connection is 100% reliable now. Somehow, 2020-005 must have fixed something about my PPPoE connection.

Apple’s macOS Catalina 10.15.7 release note says:

  • Resolves an issue where macOS would not automatically connect to Wi-Fi networks

I guess this might be related…?

1 Like

Haven’t there just been a flurry of posts on TidBITS Talk saying we should avoid this Security Update because there are some serious problems with it?

Randy Singer posted this article:

I’m staying away for now.

1 Like

Freaky. We must have had an odd collision when editing, since Josh’s save overwrote the change I made to the draft to point out the problems. The article is fixed now, with the link to the thread here.

We recommend avoiding Security Update 2020-005 for Mojave for now. Numerous problems are being reported, including issues with creating new users.

1 Like

More info:

What went wrong with Mojave Security Update 2020-005, and Catalina 10.15.7?

Unfortunately I promptly installed both the security update and the Safari update as well. The only issues I have had since the install has been with printing to a local USB printer. No matter what the application, I will get the spinning beachball of death. I found that a reboot of the machine made that one go away.

Haven’t (yet) seen any of the other issues being reported.

And some others won’t either. Several Enterprise IT’s have run tests which show that installing Safari 14 first and then probably any Security Update (2020-005 and -004 for certain) will cause issues. They are seeing none of these issues when a Security Update is installed first.

interesting. On my sample size of 1 Mac running Mojave, I installed Safari 14 before the Security Update, and other than not being able to create new users, I personally haven’t experienced any of these stated issues

I encountered the same frustration with the Security Update 2020-005. My Mojave OS slowed down to an unbearable crawl taking 15 minutes to complete any operation. Ran DiskFirstAid in Recovery mode and uninstalled Avast antivirus problem. Mojave was slightly better but still not great. Decided to upgrade to Catalina 10.15.7 and everything works fine. Catalina installed without any issues.

Haha! :smiley: Maybe that was the plan all along. Get those HS/Mojave holdouts to finally update to Catalina! :wink:

1 Like

I won’t be trying your “suggestion”, Simon! :stuck_out_tongue_winking_eye:

But I found this “new user” problem over the weekend while trouble-shooting a HDD/S.M.A.R.T. problem. I attempted to create a new user several times (holding my tongue as many different ways as I could) but without success.

I even tried again just now and discovered that the OS “remembers” the user names I have already used, even though none of those users appear anywhere I can see. Obviously, parts of this process are working. Hope to see a fix ASAP, even though it won’t do anything for my HDD problem…


1 Like

If I’m reading macOS 10.14.6 Mojave Supplemental Update Fixes Problems with an Updated Safari 14.0 - Article Comments - TidBITS Talk correctly, then it is now safe to install this update. If so, should the recommendation against doing so be removed from the article?

As a matter of policy, we almost never change any TidBITS article that has been sent out in email; we consider it set in stone at that point unless there’s some major confusion that could result.

The reason is simple. Everything changes. If we allowed ourselves to go back to update articles to account for what had changed in the interim, we’d never do anything else.

Ideally, the comments should make it clear when the world has shifted since the publication of the article, and your question and my response should make that clear for anyone who stumbles on the associated article but doesn’t see any of our subsequent coverage.

That policy (not changing things after some significant event, such as sending by email) makes sense.

In this particular case, it was a different thread that provided the all clear (and even it was not, to my mind, fully unambiguous), so I wasn’t sure. You have now provided the follow-up I was seeking. Thank you.

FWIW, on my personal blog, when something like this happens, I will add a paragraph to the start or end of the article beginning with “UPDATE :”.

The only time I ever change the original article after publication is to correct typos or to fix broken links (usually with Wayback Machine links) when I discover them, but nothing that would change the actual content.

Of course, I usually don’t post more than 2-3 articles a week to my blog, so I can do things like this, which a site like TidBITS could never consider doing (except maybe for extreme exceptions).

1 Like