All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com

Thank you for buying via links and ads on this site,
which earn me advertising fees or commissions.
As an Amazon Associate I earn from qualifying purchases.

Other World Computing...
B&H Photo...
Amazon
As an Amazon Associate I earn from qualifying purchases.
Capacities up to 56TB and speeds up to 1527MB/s
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$348 $298
SAVE $50

$170 $120
SAVE $50

$300 $175
SAVE $125

$989 $869
SAVE $120

$400 $310
SAVE $90

$1470 $1299
SAVE $171

$322 $242
SAVE $80

$1470 $1299
SAVE $171

$180 $140
SAVE $40

$500 $275
SAVE $225

$180 $156
SAVE $24

$130 $100
SAVE $30

$3498 $2998
SAVE $500

$1699 $1149
SAVE $550

$280 $230
SAVE $50

$1899 $1499
SAVE $400

$4499 $3499
SAVE $1000

$2198 $1998
SAVE $200

$3998 $3498
SAVE $500

$1799 $1699
SAVE $100

$18599 $16599
SAVE $2000

$1149 $849
SAVE $300

$650 $450
SAVE $200

$199 $119
SAVE $80

$280 $200
SAVE $80

$1399 $1049
SAVE $350

$1199 $779
SAVE $420

$250 $220
SAVE $30

$1699 $1149
SAVE $550

$195 $125
SAVE $70

$79 $49
SAVE $30

$120 $30
SAVE $90

$198 $148
SAVE $50

$3899 $1499
SAVE $2400

$2999 $1999
SAVE $1000

$1699 $849
SAVE $850

$1698 $1198
SAVE $500

$1149 $849
SAVE $300

$1399 $1049
SAVE $350

$1498 $998
SAVE $500

$2797 $2497
SAVE $300

$280 $230
SAVE $50

$799 $449
SAVE $350

$899 $549
SAVE $350

$420 $170
SAVE $250

$1699 $1149
SAVE $550

OWC Thunderblade Thunderbolt 3 SSD

Blazing fast, up to 16TB.

YEE HAH!



√ No more slow and noisy hard drives!

Concerned about macOS Security Fixes

Update: looks like my concerns were spot-on, that is, Apple released an updates to the update on March 30. For macOS High Sierra, the build number with the updated update should be macOS 10.13.6 (17G6030), as seen in About This Mac => System Report => Software.

MPG recommends the following settings for updates.

Recommended App Store preferences for system updates
(for those who travel and/or want security without unwanted updates)

Ambiguity issue with macOS security update (initial post)

I’m bothered by Apple’s ambiguity in About the security content of macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra.

Specifically there are two bad things at work and one of them must be true: either macOS 10.14 Mojave introduced some serious new bugs, or those bugs are not being fixed for macOS 10.13 High Sierra. Either way is bad, but I’d at least like to know the answer.

An excerpt below demonstrates why I am confused: if a bug is fixed in Mojave but not High Sierra, is it a new bug in Mojave only, or does the bug still exist in High Sierra? Apple doesn’t say. Either way looks like B-team work for Apple.

Bom
Available for: macOS Mojave 10.14.3  <== new bug or not fixed in High Sierra?
Impact: A malicious application may bypass Gatekeeper checks
Description: This issue was addressed with improved handling of file metadata.
CVE-2019-6239: Ian Moorhouse and Michael Trimm

CFString
Available for: macOS Mojave 10.14.3 <== new bug or not fixed in High Sierra?
Impact: Processing a maliciously crafted string may lead to a denial of service
Description: A validation issue was addressed with improved logic.
CVE-2019-8516: SWIPS Team of Frifee Inc.

configd
Available for: macOS Mojave 10.14.3 <== new bug or not fixed in High Sierra?
Impact: A malicious application may be able to elevate privileges
Description: A memory initialization issue was addressed with improved memory handling.
CVE-2019-8552: Mohamed Ghannam (@_simo36)

Contacts
Available for: macOS Mojave 10.14.3 <== new bug or not fixed in High Sierra?
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow issue was addressed with improved memory handling.
CVE-2019-8511: an anonymous researcher

CoreCrypto
Available for: macOS Mojave 10.14.3 <== new bug or not fixed in High Sierra?
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved bounds checking.
CVE-2019-8542: an anonymous researcher
DiskArbitration
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3  fixed for 3 macOS versions
Impact: An encrypted volume may be unmounted and remounted by a different user without prompting for the password
Description: A logic issue was addressed with improved state management.
CVE-2019-8522: Colin Meginnis (@falc420)
...
OWC Accelsior 4M2 PCIe SSD
6000 MB/sec!
Mac or PC.


Ideal for Lightroom, Photoshop, video.
Capacity up to 16TB!
OWC Envoy Express

World’s first Thunderbolt 3 M.2 NVME SSD enclosure.

Super fast, bus-powered, 3.3 oz, DIY easy, rugged and compact!


See also OWC Express 4M2
√ No more slow and noisy hard drives!
OWC Envoy Pro EX SSD
Blazingly fast Thunderbolt 3 SSD!

Up to 4TB capacity, USB-C compatible.

USB-C model also available


Great for travel or for desktop!

Deals Updated Daily at B&H Photo
View all handpicked deals...

Lexar 128GB Professional 2000x UHS-II SDXC Memory Card
$170 $120
SAVE $50

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__