macOS Big Sur 11.6 released with two important security fixes

Apple has released macOS Big Sur 11.6 with two important security fixes. As per the company, these security flaws were actively exploited so it is recommended that users update immediately.

What’s new in macOS Big Sur 11.6?

macOS Big Sur 11.6 features security patches for two flaws that impact CoreGraphics and WebKit. These flaws could lead to arbitrary code execution and have also been actively exploited in the wild.

CoreGraphics

Available for: macOS Big Sur

Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An integer overflow was addressed with improved input validation.

CVE-2021-30860: The Citizen Lab

WebKit

Available for: macOS Big Sur

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A use after free issue was addressed with improved memory management.

CVE-2021-30858: an anonymous researcher

The CoreGraphics flaw, reported by The Citizen Lab, allowed hackers to bypass iMessage’s BlastDoor sandbox in iOS 14 using a malicious PDF. BlastDoor was introduced in iOS 14 as a security layer to protect iMessage from 0-click and brute force attacks.

Apple has also released a software update for macOS Catalina which fixes the security flaw with CoreGraphics, but it does not contain any WebKit update.

Does your Mac support macOS Big Sur 11.6?

macOS Big Sur 11.6 is compatible with the following Macs:

• MacBook Air (2013 and newer)
• MacBook Pro (late 2013 and newer)
• MacBook (2015 and newer)
• iMac (2014 and newer)
• iMac Pro (2017 and newer)
• Mac mini (2014 and newer)
• Mac Pro (2013 and newer)

How to upgrade to macOS Big Sur 11.6?

Go to System Preferences > Software Update on your Mac to download and install the new version. If you are on a MacBook, make sure that it is connected to a power outlet before starting the update.

macOS Monterey is currently in beta testing and is expected to be released to all users in the coming days. Here are the new features that you can expect to use when the update drops:

• New Safari design and tab groups
• Focus and notifications improvements
• Shortcuts app
• Notes
• AirPlay to Mac
• Live Text
• FaceTime improvements and SharePlay
• Shared with You
• Low Power Mode
• iCloud Private Relay
• iCloud password manager in settings
• M1 app improvements
• Spatial audio support for AirPods Pro and AirPods Max (M1 Macs only)

Read more:

• Apple releases iOS 14.8 and iPadOS 14.8 with security fixes
• watchOS 7.6.2 released with important security fix