Lots of security related news with a new thunderbolt exploit (mostly on Windows, but macOS is not entirely unaffected) and a nasty exploit for Acrobat Reader DC.
Many were expecting 10.15.5 to drop this week, but unless it comes on Friday afternoon, we will have to be more patient. But Apple continues to release something new every week, with a new “major” update to Logic Pro X. (What do versions numbers even mean anymore?)
If you would rather get the weekly newsletter by email, you can subscribe to the Scripting OS X Weekly Newsletter here!! (Same content, delivered to your Inbox once a week.)
#! On Scripting OS X
📰News and Opinion
🦠Coronavirus and Remote Work
- Google Meet “Bombing”? Yes, it’s a thing … sort of – A.P. Orlebeke
- Jamf Nation Redeploy Initiative – Josh Jagdfeld, Jamf Blog
🐦MacAdmins on Twitter
- Geoffrey Litt: “Finding some gems in this history of Applescript: 1) Applescript originally had other dialects besides English!? Including a ”professional“ syntax that never shipped” (Thread)
- Jason Broccardo: “The official logo for DEP is ¯_(ツ)_/¯”
- Patrick Fergus: “This package is version: “0.1” Including the curly quotes.”
- Wandering Glitch: “XNU source for macOS 10.15.3 is available: opensource.apple.com/tarballs/xnu/”
🐞Bugs and Security
- Getting Root on macOS via 3rd Party Backup Software – Chris Lyne
- Known issue in Outlook for Mac – Disabled injection based plugins – Microsoft Support
- Thunderbolt Flaws Expose Millions of PCs to Hands-On Hacking – Andy Greenberg, Wired
- Thunderbolt security flaws found, affect 2011–2020 Macs – Ben Lovejoy, 9to5Mac
Macs are fully vulnerable to all of the Thunderbolt security flaws when running Bootcamp, and ‘partly affected’ when running macOS.
- More Information on Thunderbolt(TM) Security – Technology@Intel
- What’s changed in the new CIS Benchmarks for Catalina and Mojave? – David Acland, moof IT
- Security Flaws in Adobe Acrobat Reader Allow Malicious Program to Gain Root on macOS Silently – Yuebin Sun
- Security Updates released for Adobe Acrobat Reader DC and Adobe Acrobat DC – Darren Wallace
🔨Support and HowTos
- The Mac Hardware/Software Obsolescence Chart – Anthony Reimer
- Octory – The mac admins Swiss Army knife, episode I – Mark Lamont, episode II, episode III
- Let’s Get Conditional – Manual Connection Setup — MacBuddy
- AutoPkg Repo List Fiddling – Tony Williams
- AutoPkg Repo List Fiddling Again – Tony Williams
- If you update an AutoPkg parent recipe, but your override is still using old settings – Alan Siu
- Deploying Microsoft 365 Apps and Books Through Addigy – HCS Technology Group
- How To Regenerate a New FileVault 2 Personal Recovery Key (PRK) – Mr Macintosh
- What is in your toolbox? 2020 edition (part 1) – Neil Martin, dataJAR
- Create a Managed Apple ID for APNS in Apple Business Manager/Apple School Manager – HCS Technology Group
🤖Scripting and Automation
- Removing the Restart Options section from Jamf Pro policies using the API – Rich Trouton
- twocanoes/bighonkingtext
🍏Apple Support
♻️Updates and Releases
- AutoPkgr 1.5.3
- FiloSottile/yubikey-agent: yubikey-agent is a seamless ssh-agent for YubiKeys
- Munki 5.0 Developer Preview 1: Information page
📺To Watch
🎧To Listen
- Bum steer Or A No Steer — Command-Control-Power
- The future of Wi-Fi, and what 6Ghz means for connectivity – Apple @ Work Podcast
- Recognizing facial recognition’s flaws with Chris Boyd – Lock and Code, Malwarebytes Labs
📚 Support
If you are enjoying what you are reading here, please spread the word and recommend it to another Mac Admin!
- Weblog
- Weekly Email Newsletter (TinyLetter)
- Apple News
- Micro.blog
- Mastodon.social
If you want to support me and this website even further, then consider buying one (or all) of my books. It’s like a subscription fee, but you also get a useful book or two extra!