Breakpointing-Bad-Public
/
vpn-attacks
7
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14 Commits
1 Branch
0 Tags
530 MiB
 
 
 
 
 
 
Tree: 2a91bae9a2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '2a91bae9a2'
${ noResults }
vpn-attacks/vendor-patches/Apple/About the security content ...

1150 lines
84 KiB
Raw Blame History

<!DOCTYPE html>
<html prefix="og: http://ogp.me/ns#" dir="ltr" lang="en"><head>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title lang="en">About the security content of macOS
Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update
2020-004 High Sierra - Apple Support</title>
<link rel="dns-prefetch" href="https://www.apple.com/">
<link rel="preconnect" href="https://www.apple.com/" crossorigin="">
<link rel="canonical" href="https://support.apple.com/en-us/HT211289">
<link rel="alternate" hreflang="en-ie" href="https://support.apple.com/en-ie/HT211289">
<link rel="alternate" hreflang="ar-kw" href="https://support.apple.com/ar-kw/HT211289">
<link rel="alternate" hreflang="en-il" href="https://support.apple.com/en-il/HT211289">
<link rel="alternate" hreflang="en-in" href="https://support.apple.com/en-in/HT211289">
<link rel="alternate" hreflang="en-ae" href="https://support.apple.com/en-ae/HT211289">
<link rel="alternate" hreflang="en-za" href="https://support.apple.com/en-za/HT211289">
<link rel="alternate" hreflang="no-no" href="https://support.apple.com/no-no/HT211289">
<link rel="alternate" hreflang="en-al" href="https://support.apple.com/en-al/HT211289">
<link rel="alternate" hreflang="en-is" href="https://support.apple.com/en-is/HT211289">
<link rel="alternate" hreflang="el-gr" href="https://support.apple.com/el-gr/HT211289">
<link rel="alternate" hreflang="en-am" href="https://support.apple.com/en-am/HT211289">
<link rel="alternate" hreflang="nl-nl" href="https://support.apple.com/nl-nl/HT211289">
<link rel="alternate" hreflang="en-au" href="https://support.apple.com/en-au/HT211289">
<link rel="alternate" hreflang="he-il" href="https://support.apple.com/he-il/HT211289">
<link rel="alternate" hreflang="hu-hu" href="https://support.apple.com/hu-hu/HT211289">
<link rel="alternate" hreflang="en-jo" href="https://support.apple.com/en-jo/HT211289">
<link rel="alternate" hreflang="en-bh" href="https://support.apple.com/en-bh/HT211289">
<link rel="alternate" hreflang="es-cl" href="https://support.apple.com/es-cl/HT211289">
<link rel="alternate" hreflang="fr-sn" href="https://support.apple.com/fr-sn/HT211289">
<link rel="alternate" hreflang="fr-ca" href="https://support.apple.com/fr-ca/HT211289">
<link rel="alternate" hreflang="es-co" href="https://support.apple.com/es-co/HT211289">
<link rel="alternate" hreflang="pl-pl" href="https://support.apple.com/pl-pl/HT211289">
<link rel="alternate" hreflang="en-bn" href="https://support.apple.com/en-bn/HT211289">
<link rel="alternate" hreflang="pt-pt" href="https://support.apple.com/pt-pt/HT211289">
<link rel="alternate" hreflang="en-sa" href="https://support.apple.com/en-sa/HT211289">
<link rel="alternate" hreflang="fr-be" href="https://support.apple.com/fr-be/HT211289">
<link rel="alternate" hreflang="ar-eg" href="https://support.apple.com/ar-eg/HT211289">
<link rel="alternate" hreflang="en-bw" href="https://support.apple.com/en-bw/HT211289">
<link rel="alternate" hreflang="en-sg" href="https://support.apple.com/en-sg/HT211289">
<link rel="alternate" hreflang="en-ke" href="https://support.apple.com/en-ke/HT211289">
<link rel="alternate" hreflang="hr-hr" href="https://support.apple.com/hr-hr/HT211289">
<link rel="alternate" hreflang="en-om" href="https://support.apple.com/en-om/HT211289">
<link rel="alternate" hreflang="zh-mo" href="https://support.apple.com/zh-mo/HT211289">
<link rel="alternate" hreflang="de-at" href="https://support.apple.com/de-at/HT211289">
<link rel="alternate" hreflang="en-gu" href="https://support.apple.com/en-gu/HT211289">
<link rel="alternate" hreflang="en-gw" href="https://support.apple.com/en-gw/HT211289">
<link rel="alternate" hreflang="fr-gn" href="https://support.apple.com/fr-gn/HT211289">
<link rel="alternate" hreflang="fr-gq" href="https://support.apple.com/fr-gq/HT211289">
<link rel="alternate" hreflang="cs-cz" href="https://support.apple.com/cs-cz/HT211289">
<link rel="alternate" hreflang="en-ph" href="https://support.apple.com/en-ph/HT211289">
<link rel="alternate" hreflang="zh-tw" href="https://support.apple.com/zh-tw/HT211289">
<link rel="alternate" hreflang="ko-kr" href="https://support.apple.com/ko-kr/HT211289">
<link rel="alternate" hreflang="en-hk" href="https://support.apple.com/en-hk/HT211289">
<link rel="alternate" hreflang="sk-sk" href="https://support.apple.com/sk-sk/HT211289">
<link rel="alternate" hreflang="ru-ru" href="https://support.apple.com/ru-ru/HT211289">
<link rel="alternate" hreflang="en-qa" href="https://support.apple.com/en-qa/HT211289">
<link rel="alternate" hreflang="sv-se" href="https://support.apple.com/sv-se/HT211289">
<link rel="alternate" hreflang="da-dk" href="https://support.apple.com/da-dk/HT211289">
<link rel="alternate" hreflang="en-us" href="https://support.apple.com/en-us/HT211289">
<link rel="alternate" hreflang="en-mk" href="https://support.apple.com/en-mk/HT211289">
<link rel="alternate" hreflang="en-mn" href="https://support.apple.com/en-mn/HT211289">
<link rel="alternate" hreflang="en-eg" href="https://support.apple.com/en-eg/HT211289">
<link rel="alternate" hreflang="en-mo" href="https://support.apple.com/en-mo/HT211289">
<link rel="alternate" hreflang="fr-ne" href="https://support.apple.com/fr-ne/HT211289">
<link rel="alternate" hreflang="en-mt" href="https://support.apple.com/en-mt/HT211289">
<link rel="alternate" hreflang="nl-be" href="https://support.apple.com/nl-be/HT211289">
<link rel="alternate" hreflang="zh-cn" href="https://support.apple.com/zh-cn/HT211289">
<link rel="alternate" hreflang="en-mz" href="https://support.apple.com/en-mz/HT211289">
<link rel="alternate" hreflang="fr-ml" href="https://support.apple.com/fr-ml/HT211289">
<link rel="alternate" hreflang="en-my" href="https://support.apple.com/en-my/HT211289">
<link rel="alternate" hreflang="fr-mu" href="https://support.apple.com/fr-mu/HT211289">
<link rel="alternate" hreflang="en-ng" href="https://support.apple.com/en-ng/HT211289">
<link rel="alternate" hreflang="el-cy" href="https://support.apple.com/el-cy/HT211289">
<link rel="alternate" hreflang="en-vn" href="https://support.apple.com/en-vn/HT211289">
<link rel="alternate" hreflang="ja-jp" href="https://support.apple.com/ja-jp/HT211289">
<link rel="alternate" hreflang="de-ch" href="https://support.apple.com/de-ch/HT211289">
<link rel="alternate" hreflang="en-nz" href="https://support.apple.com/en-nz/HT211289">
<link rel="alternate" hreflang="ro-ro" href="https://support.apple.com/ro-ro/HT211289">
<link rel="alternate" hreflang="it-ch" href="https://support.apple.com/it-ch/HT211289">
<link rel="alternate" hreflang="tr-tr" href="https://support.apple.com/tr-tr/HT211289">
<link rel="alternate" hreflang="fr-fr" href="https://support.apple.com/fr-fr/HT211289">
<link rel="alternate" hreflang="en-gb" href="https://support.apple.com/en-gb/HT211289">
<link rel="alternate" hreflang="fi-fi" href="https://support.apple.com/fi-fi/HT211289">
<link rel="alternate" hreflang="en-ca" href="https://support.apple.com/en-ca/HT211289">
<link rel="alternate" hreflang="fr-tn" href="https://support.apple.com/fr-tn/HT211289">
<link rel="alternate" hreflang="ar-ae" href="https://support.apple.com/ar-ae/HT211289">
<link rel="alternate" hreflang="en-kw" href="https://support.apple.com/en-kw/HT211289">
<link rel="alternate" hreflang="fr-cf" href="https://support.apple.com/fr-cf/HT211289">
<link rel="alternate" hreflang="fr-ci" href="https://support.apple.com/fr-ci/HT211289">
<link rel="alternate" hreflang="fr-ch" href="https://support.apple.com/fr-ch/HT211289">
<link rel="alternate" hreflang="es-us" href="https://support.apple.com/es-us/HT211289">
<link rel="alternate" hreflang="fr-cm" href="https://support.apple.com/fr-cm/HT211289">
<link rel="alternate" hreflang="en-lb" href="https://support.apple.com/en-lb/HT211289">
<link rel="alternate" hreflang="ar-sa" href="https://support.apple.com/ar-sa/HT211289">
<link rel="alternate" hreflang="de-de" href="https://support.apple.com/de-de/HT211289">
<link rel="alternate" hreflang="en-lk" href="https://support.apple.com/en-lk/HT211289">
<link rel="alternate" hreflang="fr-ma" href="https://support.apple.com/fr-ma/HT211289">
<link rel="alternate" hreflang="zh-hk" href="https://support.apple.com/zh-hk/HT211289">
<link rel="alternate" hreflang="pt-br" href="https://support.apple.com/pt-br/HT211289">
<link rel="alternate" hreflang="de-li" href="https://support.apple.com/de-li/HT211289">
<link rel="alternate" hreflang="ar-bh" href="https://support.apple.com/ar-bh/HT211289">
<link rel="alternate" hreflang="es-es" href="https://support.apple.com/es-es/HT211289">
<link rel="alternate" hreflang="fr-mg" href="https://support.apple.com/fr-mg/HT211289">
<link rel="alternate" hreflang="ar-jo" href="https://support.apple.com/ar-jo/HT211289">
<link rel="alternate" hreflang="es-mx" href="https://support.apple.com/es-mx/HT211289">
<link rel="alternate" hreflang="it-it" href="https://support.apple.com/it-it/HT211289">
<link rel="alternate" hreflang="en-ug" href="https://support.apple.com/en-ug/HT211289">
<link rel="alternate" hreflang="id-id" href="https://support.apple.com/id-id/HT211289">
<link rel="alternate" hreflang="de-lu" href="https://support.apple.com/de-lu/HT211289">
<link rel="alternate" hreflang="en-md" href="https://support.apple.com/en-md/HT211289">
<link rel="alternate" hreflang="fr-lu" href="https://support.apple.com/fr-lu/HT211289">
<link rel="alternate" hreflang="en-me" href="https://support.apple.com/en-me/HT211289">
<link rel="alternate" hreflang="th-th" href="https://support.apple.com/th-th/HT211289">
<meta name="description" content="This document describes the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra.
">
<meta property="og:url" content="https://support.apple.com/en-us/HT211289">
<meta property="og:title" content="About the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra">
<meta property="og:description" content="This document describes the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra.
">
<meta property="og:site_name" content="Apple Support">
<meta property="og:locale" content="en_US">
<meta property="og:type" content="article">
<meta name="ac-gn-search-field[locale]" content="en_US">
<script type="application/ld+json">{ "@context": "https://ziyuan.baidu.com/contexts/cambrian.jsonld","@id":"https://support.apple.com/en-us/HT211289","appid": "1583465330249689","title":"About the security ","pubDate":"2020-07-10T05:49:30","upDate":"2020-12-15T06:08:19"}</script>
<link rel="stylesheet" href="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/app-ht.css" type="text/css">
<link rel="stylesheet" href="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/ac-globalfooter.css" type="text/css">
<link rel="stylesheet" href="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/ac-globalnav.css" type="text/css">
<link rel="stylesheet" href="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/fonts.css" type="text/css">
<script>
var _applemd = {
page: {
site_section: "kb",
content_type: "ht",
info_type: "update",
topics: "security update",
in_house: "domain,security &amp; cert update",
locale: "en-us",
friendly_content: {
title: "About the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra",
publish_date: "12152020",
content_id: "HT211289",
status: "unarchieved",
version: "1.28"
},
testandtarget:{
throttle:"0.0"
},
},
product: {
list: ["acs::kb::productcategory::product security",]
}
}
</script>
<script src="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/nn.js" type="text/javascript" charset="utf-8"></script>
<script>
var neighborInitData = {
appDataSchemaVersion: '2.0.0',
endpoint: 'https://supportmetrics.apple.com/content/services/stats'
}
</script>
<script>
var data = {
showHelpFulfeedBack: true,
id: "HT211289",
locale: "en_US",
podCookie: "us~en",
urlLocale: "en-us",
isPreview : false,
productCategories : "PP23",
source : "",
channel : "HOWTO_ARTICLES",
bizChatLink : "https://bcrw.apple.com/urn:biz:b15ed773-9eed-11e7-baa2-7b88b04daa8e",
bizChatIntentId : "ContactApple",
bizChatGroupId : "%7B%22domain%22:%20%22AC%22,%22origin%22:%20%22OLS%22,%22page%22:%20%22acs::kb::ht::ARTICLEID::contact%20apple%20for%20support%20and%20service%20(en-us)%22%7D",
bizChatBody : "%3Cstrong%3EChat using Messages%3C/strong%3E %3Cbr%3E Have a question? Ask now.",
bizChatSupportedCountries : "US",
bizChatthrottleValue : 0.0,
bypassBizChat: false,
akamaiEdgeScapeURL: "https://support.apple.com/edge-sight",
isNeighborJsEnabled: true,
isOkapiEnabled: false,
domain: "support.apple.com",
dtmPageName: "acs.pageload"
}
window.appState = JSON.stringify(data);
document.cookie = 'POD=us~en; path=/; domain=.apple.com; expires='+new Date(Date.now() + (28 * 24 * 60 * 60 * 1000)).toGMTString();
</script>
<link rel="stylesheet" href="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/accs-offer.css"></head>
<body class="ac-gn-current-support js" itemscope="" itemtype="https://schema.org/TechArticle" data-new-gr-c-s-check-loaded="8.869.0" data-gr-ext-installed="">
<meta name="ac-gn-store-key" content="S2A49YFKJF2JAT22K"><meta name="ac-gn-search-action" content="https://support.apple.com/kb/index"><meta name="ac-gn-search-input" content="q"><meta name="ac-gn-search-field[src]" content="globalnav_support"><meta name="ac-gn-search-field[type]" content="organic"><meta name="ac-gn-search-field[page]" content="search"><meta name="ac-gn-search-field[locale]" content="en_US"><link onerror="headerCssFallback()" rel="stylesheet" type="text/css" href="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/ac-globalnav.css"><aside id="ac-gn-segmentbar" class="ac-gn-segmentbar" dir="ltr" data-strings="{ 'exit': 'Exit', 'view': '{%STOREFRONT%} Store Home', 'segments': { 'smb': 'Business Store Home', 'eduInd': 'Education Store Home', 'other': 'Store Home' } }" lang="en-US"></aside><input type="checkbox" id="ac-gn-menustate" class="ac-gn-menustate"><nav id="ac-globalnav" class="js no-touch windows" role="navigation" aria-label="Global" data-hires="false" data-analytics-region="global nav" dir="ltr" data-www-domain="www.apple.com" data-store-locale="us" data-store-root-path="/us" data-store-api="https://www.apple.com/[storefront]/shop/bag/status" data-search-locale="en_US" data-search-suggestions-api="https://www.apple.com/search-services/suggestions/" data-search-defaultlinks-api="https://www.apple.com/search-services/suggestions/defaultlinks/" lang="en-US"><div class="ac-gn-content"><ul class="ac-gn-header"><li class="ac-gn-item ac-gn-menuicon"><label class="ac-gn-menuicon-label" for="ac-gn-menustate" aria-hidden="true"><span class="ac-gn-menuicon-bread ac-gn-menuicon-bread-top"><span class="ac-gn-menuicon-bread-crust ac-gn-menuicon-bread-crust-top"></span></span><span class="ac-gn-menuicon-bread ac-gn-menuicon-bread-bottom"><span class="ac-gn-menuicon-bread-crust ac-gn-menuicon-bread-crust-bottom"></span></span></label><a href="#ac-gn-menustate" role="button" class="ac-gn-menuanchor ac-gn-menuanchor-open" id="ac-gn-menuanchor-open"><span class="ac-gn-menuanchor-label">Global Nav Open Menu</span></a><a href="#" role="button" class="ac-gn-menuanchor ac-gn-menuanchor-close" id="ac-gn-menuanchor-close"><span class="ac-gn-menuanchor-label">Global Nav Close Menu</span></a></li><li class="ac-gn-item ac-gn-apple"><a class="ac-gn-link ac-gn-link-apple" href="https://www.apple.com/" data-analytics-title="apple home" id="ac-gn-firstfocus-small"><span class="ac-gn-link-text">Apple</span></a></li><li class="ac-gn-item ac-gn-bag ac-gn-bag-small" id="ac-gn-bag-small"><div class="ac-gn-bag-wrapper"><a class="ac-gn-link ac-gn-link-bag" href="https://www.apple.com/us/shop/goto/bag" data-analytics-title="bag" data-analytics-click="bag" aria-label="Shopping Bag" data-string-badge="Shopping Bag with item count :" role="button" aria-haspopup="true" aria-expanded="false" aria-controls="ac-gn-bagview-content"><span class="ac-gn-link-text">Shopping Bag</span></a><span class="ac-gn-bag-badge"><span class="ac-gn-bag-badge-separator"></span><span class="ac-gn-bag-badge-number"></span><span class="ac-gn-bag-badge-unit">+</span></span></div><span class="ac-gn-bagview-caret ac-gn-bagview-caret-large"></span></li></ul><div class="ac-gn-search-placeholder-container" role="search"><div class="ac-gn-search ac-gn-search-small"><a id="ac-gn-link-search-small" class="ac-gn-link" href="https://support.apple.com/kb/index?page=search&amp;locale=en_US" data-analytics-title="search" data-analytics-click="search" data-analytics-intrapage-link="" aria-label="Search Support" role="button" aria-haspopup="true"><div class="ac-gn-search-placeholder-bar"><div class="ac-gn-search-placeholder-input"><div class="ac-gn-search-placeholder-input-text" aria-hidden="true"><div class="ac-gn-link-search ac-gn-search-placeholder-input-icon"></div><span class="ac-gn-search-placeholder">Search Support</span></div></div><div class="ac-gn-searchview-close ac-gn-searchview-close-small ac-gn-search-placeholder-searchview-close"><span class="ac-gn-searchview-close-cancel" aria-hidden="true">Cancel</span></div></div></a></div></div><ul class="ac-gn-list"><li class="ac-gn-item ac-gn-apple"><a class="ac-gn-link ac-gn-link-apple" href="https://www.apple.com/" data-analytics-title="apple home" id="ac-gn-firstfocus"><span class="ac-gn-link-text">Apple</span></a></li><li class="ac-gn-item ac-gn-item-menu ac-gn-mac"><a class="ac-gn-link ac-gn-link-mac" href="https://www.apple.com/mac/" data-analytics-title="mac"><span class="ac-gn-link-text">Mac</span></a></li><li class="ac-gn-item ac-gn-item-menu ac-gn-ipad"><a class="ac-gn-link ac-gn-link-ipad" href="https://www.apple.com/ipad/" data-analytics-title="ipad"><span class="ac-gn-link-text">iPad</span></a></li><li class="ac-gn-item ac-gn-item-menu ac-gn-iphone"><a class="ac-gn-link ac-gn-link-iphone" href="https://www.apple.com/iphone/" data-analytics-title="iphone"><span class="ac-gn-link-text">iPhone</span></a></li><li class="ac-gn-item ac-gn-item-menu ac-gn-watch"><a class="ac-gn-link ac-gn-link-watch" href="https://www.apple.com/watch/" data-analytics-title="watch"><span class="ac-gn-link-text">Watch</span></a></li><li class="ac-gn-item ac-gn-item-menu ac-gn-tv"><a class="ac-gn-link ac-gn-link-tv" href="https://www.apple.com/tv/" data-analytics-title="tv"><span class="ac-gn-link-text">TV</span></a></li><li class="ac-gn-item ac-gn-item-menu ac-gn-music"><a class="ac-gn-link ac-gn-link-music" href="https://www.apple.com/music/" data-analytics-title="music"><span class="ac-gn-link-text">Music</span></a></li><li class="ac-gn-item ac-gn-item-menu ac-gn-support"><a class="ac-gn-link ac-gn-link-support" href="https://support.apple.com/" data-analytics-title="support"><span class="ac-gn-link-text">Support</span></a></li><li class="ac-gn-item ac-gn-item-menu ac-gn-search" role="search"><a id="ac-gn-link-search" class="ac-gn-link ac-gn-link-search" href="https://support.apple.com/kb/index?page=search&amp;locale=en_US" data-analytics-title="search" data-analytics-click="search" data-analytics-intrapage-link="" aria-label="Search Support" role="button" aria-haspopup="true" data-analytics-listener-added="true"></a></li><li class="ac-gn-item ac-gn-bag" id="ac-gn-bag"><div class="ac-gn-bag-wrapper"><a class="ac-gn-link ac-gn-link-bag" href="https://www.apple.com/us/shop/goto/bag" data-analytics-title="bag" data-analytics-click="bag" aria-label="Shopping Bag" data-string-badge="Shopping Bag with item count : {%BAGITEMCOUNT%}" role="button" aria-haspopup="true" aria-expanded="false" aria-controls="ac-gn-bagview-content"><span class="ac-gn-link-text">Shopping Bag</span></a><span class="ac-gn-bag-badge" aria-hidden="true"><span class="ac-gn-bag-badge-separator"></span><span class="ac-gn-bag-badge-number"></span><span class="ac-gn-bag-badge-unit">+</span></span></div><span class="ac-gn-bagview-caret ac-gn-bagview-caret-large"></span></li></ul><aside id="ac-gn-searchview" class="ac-gn-searchview" role="search" data-analytics-region="search"><div class="ac-gn-searchview-content"><div class="ac-gn-searchview-bar"><div class="ac-gn-searchview-bar-wrapper"><form id="ac-gn-searchform" class="ac-gn-searchform" action="https://support.apple.com/kb/index" method="get"><div class="ac-gn-searchform-wrapper"><input id="ac-gn-searchform-input" class="ac-gn-searchform-input" type="text" aria-label="Search Support" placeholder="Search Support" autocorrect="off" autocapitalize="none" autocomplete="off" spellcheck="false" role="combobox" aria-autocomplete="list" aria-expanded="true" aria-owns="quicklinks suggestions" name="q"><input id="ac-gn-searchform-src" type="hidden" name="src" value="globalnav_support"><button id="ac-gn-searchform-submit" class="ac-gn-searchform-submit" type="submit" disabled="disabled" aria-label="Submit Search"></button><button id="ac-gn-searchform-reset" class="ac-gn-searchform-reset" type="reset" disabled="disabled" aria-label="Clear Search"><span class="ac-gn-searchform-reset-background"></span></button><input type="hidden" name="locale" value="en_US"><input type="hidden" name="type" value="organic"><input type="hidden" name="page" value="search"></div></form><button id="ac-gn-searchview-close-small" class="ac-gn-searchview-close ac-gn-searchview-close-small" aria-label="Cancel Search"><span class="ac-gn-searchview-close-cancel" aria-hidden="true">Cancel</span></button></div></div><aside id="ac-gn-searchresults" class="ac-gn-searchresults" data-string-quicklinks="Quick Links" data-string-suggestions="Suggested Searches" data-string-noresults=""> <section class="ac-gn-searchresults-section ac-gn-searchresults-section-defaultlinks" data-analytics-region="defaultlinks search">
<div class="ac-gn-searchresults-section-wrapper">
<h3 class="ac-gn-searchresults-header ac-gn-searchresults-animated">Quick Links</h3>
<ul class="ac-gn-searchresults-list" id="defaultlinks" role="listbox">
<li class="ac-gn-searchresults-item ac-gn-searchresults-animated" role="presentation">
<a href="https://support.apple.com/en-us/HT201487" role="option" class="ac-gn-searchresults-link ac-gn-searchresults-link-defaultlinks" data-query="no keyword" data-section="defaultlinks" data-items="5" data-index="0" data-label="If you forgot your Apple ID password" data-analytics-click="eVar23: {data-query} | {data-section} | {data-items} | {data-label} | {data-index}, events:event50">If you forgot your Apple ID password</a>
</li>
<li class="ac-gn-searchresults-item ac-gn-searchresults-animated" role="presentation">
<a href="https://support.apple.com/en-us/HT204306" role="option" class="ac-gn-searchresults-link ac-gn-searchresults-link-defaultlinks" data-query="no keyword" data-section="defaultlinks" data-items="5" data-index="1" data-label="If you forgot the passcode for your iPhone, iPad, or iPod touch" data-analytics-click="eVar23: {data-query} | {data-section} | {data-items} | {data-label} | {data-index}, events:event50">If you forgot the passcode for your iPhone, iPad, or iPod touch</a>
</li>
<li class="ac-gn-searchresults-item ac-gn-searchresults-animated" role="presentation">
<a href="https://support.apple.com/en-us/HT202039" role="option" class="ac-gn-searchresults-link ac-gn-searchresults-link-defaultlinks" data-query="no keyword" data-section="defaultlinks" data-items="5" data-index="2" data-label="View, change, or cancel your subscriptions" data-analytics-click="eVar23: {data-query} | {data-section} | {data-items} | {data-label} | {data-index}, events:event50">View, change, or cancel your subscriptions</a>
</li>
<li class="ac-gn-searchresults-item ac-gn-searchresults-animated" role="presentation">
<a href="https://support.apple.com/en-us/HT204204" role="option" class="ac-gn-searchresults-link ac-gn-searchresults-link-defaultlinks" data-query="no keyword" data-section="defaultlinks" data-items="5" data-index="3" data-label="Update iOS on your device" data-analytics-click="eVar23: {data-query} | {data-section} | {data-items} | {data-label} | {data-index}, events:event50">Update iOS on your device</a>
</li>
<li class="ac-gn-searchresults-item ac-gn-searchresults-animated" role="presentation">
<a href="https://support.apple.com/contact" role="option" class="ac-gn-searchresults-link ac-gn-searchresults-link-defaultlinks" data-query="no keyword" data-section="defaultlinks" data-items="5" data-index="4" data-label="Contact Apple Support" data-analytics-click="eVar23: {data-query} | {data-section} | {data-items} | {data-label} | {data-index}, events:event50">Contact Apple Support</a>
</li>
</ul>
<span role="status" class="ac-gn-searchresults-count" aria-live="polite">5 Quick Links</span>
</div>
</section>
</aside></div><button id="ac-gn-searchview-close" class="ac-gn-searchview-close" aria-label="Cancel Search"><span class="ac-gn-searchview-close-wrapper"><span class="ac-gn-searchview-close-left"></span><span class="ac-gn-searchview-close-right"></span></span></button></aside><aside class="ac-gn-bagview" data-analytics-region="bag"><div class="ac-gn-bagview-scrim"><span class="ac-gn-bagview-caret ac-gn-bagview-caret-small"></span></div><div class="ac-gn-bagview-content" id="ac-gn-bagview-content"></div></aside></div></nav><div class="ac-gn-blur"></div><div id="ac-gn-curtain" class="ac-gn-curtain"></div><div id="ac-gn-placeholder" class="ac-nav-placeholder"></div>
<div id="app">
<div>
<section class="section section-content">
<div>
<div class="column small-12 medium-12 large-12 large-centered text-center">
<div class="main" role="main" id="howto-section">
<div id="content">
<h1 id="howto-title" itemprop="headline">About the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra</h1>
<div class="intro"><p>This
document describes the security content of macOS Catalina 10.15.6,
Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra.</p>
</div>
<div itemprop="author" itemscope="" itemtype="http://schema.org/Organization">
<meta itemprop="name" content="Apple">
</div>
<div id="sections" itemprop="articleBody">
<div>
<h2>About Apple security updates</h2>
<div><p>For our customers' protection, Apple doesn't
disclose, discuss, or confirm security issues until an investigation has
occurred and patches or releases are available. Recent releases are
listed on the&nbsp;<a href="https://support.apple.com/kb/HT201222">Apple security updates</a>&nbsp;page.</p>
<p>Apple security documents reference vulnerabilities by&nbsp;<a href="http://cve.mitre.org/about/">CVE-ID</a>&nbsp;when possible.</p>
<p>For more information about security, see the&nbsp;<a href="https://support.apple.com/kb/HT201220">Apple Product Security</a>&nbsp;page.</p>
</div>
</div>
<div>
<div><p><img alt="" src="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/divider.png"></p>
</div>
</div>
<div>
<h2>macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra</h2>
<div><p><span class="note">Released July 15, 2020</span></p>
<p><strong>AMD</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: An application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9927: Lilang Wu working with TrendMicro’s Zero Day Initiative</p>
<p style="margin-left: 40px;"><span class="note">Entry updated August 5, 2020</span>
</p><p><strong>Audio</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An out-of-bounds write issue was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9884: Yu Zhou(@yuzhou6666) of 小鸡帮 working with Trend Micro Zero Day Initiative</p>
<p style="margin-left: 40px;">CVE-2020-9889: Anonymous working with
Trend Micro’s Zero Day Initiative, JunDong Xie and XingWei Lin of
Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry updated August 5, 2020</span>
</p><p><strong>Audio</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9888: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9890: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9891: JunDong Xie and XingWei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry updated August 5, 2020</span>
</p><p><strong>Bluetooth</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: An application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: Multiple memory corruption issues were addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9928: Yu Wang of Didi Research America</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>Bluetooth</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A local user may be able to cause unexpected system termination or read kernel memory</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9929: Yu Wang of Didi Research America</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>Clang</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Clang may generate machine code that does not correctly enforce pointer authentication codes</p>
<p style="margin-left: 40px;">Description: A logic issue was addressed with improved validation.</p>
<p style="margin-left: 40px;">CVE-2020-9870: Samuel Groß of Google Project Zero</p>
<p><strong>CoreAudio</strong></p>
<p style="margin-left: 40px;">Available for: macOS High Sierra 10.13.6</p>
<p style="margin-left: 40px;">Impact: A buffer overflow may result in arbitrary code execution</p>
<p style="margin-left: 40px;">Description: A buffer overflow was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9866: Yu Zhou of 小鸡帮 and Jundong Xie of Ant-financial Light-Year Security Lab</p>
<p><strong>Core Bluetooth</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A remote attacker may cause an unexpected application termination</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9869: Patrick Wardle of Jamf</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>CoreCapture</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6</p>
<p style="margin-left: 40px;">Impact: An application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: A use after free issue was addressed with improved memory management.</p>
<p style="margin-left: 40px;">CVE-2020-9949: Proteas</p>
<p style="margin-left: 40px;"><span class="note">Entry added November 12, 2020</span>
</p><p><strong>CoreFoundation</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A local user may be able to view sensitive user information</p>
<p style="margin-left: 40px;">Description: An issue existed in the handling of environment variables. This issue was addressed with improved validation.</p>
<p style="margin-left: 40px;">CVE-2020-9934: Matt Shockley (linkedin.com/in/shocktop)</p>
<p style="margin-left: 40px;"><span class="note">Entry updated August 5, 2020</span>
</p><p><strong>CoreGraphics</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted image may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: A buffer overflow issue was addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020, updated November 12, 2020</span>
</p><p><strong>Crash Reporter</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A malicious application may be able to break out of its sandbox</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed by removing the vulnerable code.</p>
<p style="margin-left: 40px;">CVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud</p>
<p><strong>Crash Reporter</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A local attacker may be able to elevate their privileges</p>
<p style="margin-left: 40px;">Description: An issue existed within the
path validation logic for symlinks. This issue was addressed with
improved path sanitization.</p>
<p style="margin-left: 40px;">CVE-2020-9900: Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at Qi'anxin Group</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>FontParser</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted font file may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An out-of-bounds write issue was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9980: Xingwei Lin of Ant Security Light-Year Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 21, 2020, updated October 19, 2020</span>
</p><p><strong>Graphics Drivers</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A malicious application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9799: ABC Research s.r.o.</p>
<p style="margin-left: 40px;"><span class="note">Entry updated July 24, 2020</span>
</p><p><strong>Heimdal</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A local user may be able to leak sensitive user information</p>
<p style="margin-left: 40px;">Description: This issue was addressed with improved data protection.</p>
<p style="margin-left: 40px;">CVE-2020-9913: Cody Thomas of SpecterOps</p>
<p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Multiple buffer overflow issues existed in openEXR</p>
<p style="margin-left: 40px;">Description: Multiple issues in openEXR were addressed with improved checks.</p>
<p style="margin-left: 40px;">CVE-2020-11758: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-11759: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-11760: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-11761: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-11762: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-11763: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-11764: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-11765: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 8, 2020</span>
</p><p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted image may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An out-of-bounds write issue was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9871: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9872: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9874: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9879: Xingwei Lin of Ant-Financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9936: Mickey Jin of Trend Micro</p>
<p style="margin-left: 40px;">CVE-2020-9937: Xingwei Lin of Ant-Financial Light-Year Security Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry updated August 5, 2020</span>
</p><p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted image may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: A buffer overflow issue was addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9919: Mickey Jin of Trend Micro</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An out-of-bounds write issue was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9876: Mickey Jin of Trend Micro</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted image may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9873: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9938: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted image may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9877: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted image may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An integer overflow was addressed through improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9875: Mickey Jin of Trend Micro</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted image may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9873: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9938: Xingwei Lin of Ant-financial Light-Year Security Lab</p>
<p style="margin-left: 40px;">CVE-2020-9984: an anonymous researcher</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 21, 2020</span>
</p><p><strong>Image Processing</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary code execution</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9887: Mickey Jin of Trend Micro</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 8, 2020</span>
</p><p><strong>Intel Graphics Driver</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A local user may be able to cause unexpected system termination or read kernel memory</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9908: Junzhi Lu(@pwn0rz) working with Trend Micro’s Zero Day Initiative</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020, updated August 31, 2020</span>
</p><p><strong>Intel Graphics Driver</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A malicious application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: A race condition was addressed with additional validation.</p>
<p style="margin-left: 40px;">CVE-2020-9990: ABC Research s.r.l. working
with Trend Micro Zero Day Initiative, ABC Research s.r.o. working with
Trend Micro Zero Day Initiative</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 21, 2020</span>
</p><p><strong>Intel Graphics Driver</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A malicious application may be able to execute arbitrary code with system privileges</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9921: ABC Research s.r.o. working with Trend Micro Zero Day Initiative</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>Kernel</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel</p>
<p style="margin-left: 40px;">Description: A routing issue was addressed with improved restrictions.</p>
<p style="margin-left: 40px;">CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall</p>
<p><strong>Kernel</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: An application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed with improved state management.</p>
<p style="margin-left: 40px;">CVE-2020-9904: Tielei Wang of Pangu Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>Kernel</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A remote attacker may be able to cause a denial of service</p>
<p style="margin-left: 40px;">Description: A logic issue was addressed with improved state management.</p>
<p style="margin-left: 40px;">CVE-2020-9924: Matt DeVore of Google</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>Kernel</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A malicious application may be able to execute arbitrary code with system privileges</p>
<p style="margin-left: 40px;">Description: Multiple memory corruption issues were addressed with improved state management.</p>
<p style="margin-left: 40px;">CVE-2020-9892: Andy Nguyen of Google</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>Kernel</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: An application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: A memory initialization issue was addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9863: Xinru Chi of Pangu Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry updated August 5, 2020</span>
</p><p><strong>Kernel</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A malicious application may be able to determine kernel memory layout</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9902: Xinru Chi and Tielei Wang of Pangu Lab</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>Kernel</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A remote attacker may be able to cause a denial of service</p>
<p style="margin-left: 40px;">Description: A buffer overflow was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9905: Raz Mashat (@RazMashat) of ZecOps</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>Kernel</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A malicious application may disclose restricted memory</p>
<p style="margin-left: 40px;">Description: An information disclosure issue was addressed with improved state management.</p>
<p style="margin-left: 40px;">CVE-2020-9997: Catalin Valeriu Lita of SecurityScorecard</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 21, 2020</span>
</p><p><strong>libxpc</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6</p>
<p style="margin-left: 40px;">Impact: A malicious application may be able to overwrite arbitrary files</p>
<p style="margin-left: 40px;">Description: A path handling issue was addressed with improved validation.</p>
<p style="margin-left: 40px;">CVE-2020-9994: Apple</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 21, 2020</span>
</p><p><strong>Login Window</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A user may be unexpectedly logged in to another user’s account</p>
<p style="margin-left: 40px;">Description: A logic issue was addressed with improved state management.</p>
<p style="margin-left: 40px;">CVE-2020-9935: an anonymous researcher</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 21, 2020</span>
</p><p><strong>Mail</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A remote attacker may be able to cause a denial of service</p>
<p style="margin-left: 40px;">Description: An out-of-bounds write issue was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2019-19906</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020, updated September 8, 2020</span>
</p><p><strong>Mail</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A malicious mail server may overwrite arbitrary mail files</p>
<p style="margin-left: 40px;">Description: A path handling issue was addressed with improved validation.</p>
<p style="margin-left: 40px;">CVE-2020-9920: YongYue Wang AKA BigChan of Hillstone Networks AF Team</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>Mail</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted email may lead to writing arbitrary files</p>
<p style="margin-left: 40px;">Description: A logic issue was addressed with improved state management.</p>
<p style="margin-left: 40px;">CVE-2020-9922: Mikko Kenttälä (@Turmio_) of SensorFu</p>
<p style="margin-left: 40px;"><span class="note">Entry added November 12, 2020</span>
</p><p><strong>Messages</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A user that is removed from an iMessage group could rejoin the group</p>
<p style="margin-left: 40px;">Description: An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verification.</p>
<p style="margin-left: 40px;">CVE-2020-9885: an anonymous researcher, Suryansh Mansharamani, of WWP High School North (medium.com/@suryanshmansha)</p>
<p><strong>Model I/O</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution</p>
<p style="margin-left: 40px;">Description: A buffer overflow issue was addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9878: Holger Fuhrmannek of Deutsche Telekom Security</p>
<p><strong>Model I/O</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution</p>
<p style="margin-left: 40px;">Description: A buffer overflow was addressed with improved bounds checking.</p>
<p style="margin-left: 40px;">CVE-2020-9880: Holger Fuhrmannek of Deutsche Telekom Security</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020, updated September 21, 2020</span>
</p><p><strong>Model I/O</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution</p>
<p style="margin-left: 40px;">Description: A buffer overflow issue was addressed with improved memory handling.</p>
<p style="margin-left: 40px;">CVE-2020-9878: Aleksandar Nikolic of Cisco Talos, Holger Fuhrmannek of Deutsche Telekom Security</p>
<p style="margin-left: 40px;">CVE-2020-9881: Holger Fuhrmannek of Deutsche Telekom Security</p>
<p style="margin-left: 40px;">CVE-2020-9882: Holger Fuhrmannek of Deutsche Telekom Security</p>
<p style="margin-left: 40px;">CVE-2020-9940: Holger Fuhrmannek of Deutsche Telekom Security</p>
<p style="margin-left: 40px;">CVE-2020-9985: Holger Fuhrmannek of Deutsche Telekom Security</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020, updated September 21, 2020</span>
</p><p><strong>OpenLDAP</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A remote attacker may be able to cause a denial of service</p>
<p style="margin-left: 40px;">Description: This issue was addressed with improved checks.</p>
<p style="margin-left: 40px;">CVE-2020-12243</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 21, 2020</span>
</p><p><strong>rsync</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6</p>
<p style="margin-left: 40px;">Impact: A remote attacker may be able to overwrite existing files</p>
<p style="margin-left: 40px;">Description: A validation issue existed in
the handling of symlinks. This issue was addressed with improved
validation of symlinks.</p>
<p style="margin-left: 40px;">CVE-2014-9512: gaojianfeng</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>Sandbox</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A local user may be able to cause unexpected system termination or read kernel memory</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9930: Zhiyi Zhang from Codesafe Team of Legendsec at Qi'anxin Group</p>
<p style="margin-left: 40px;"><span class="note">Entry added December 15, 2020</span>
</p><p><strong>Sandbox</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A local user may be able to load unsigned kernel extensions</p>
<p style="margin-left: 40px;">Description: This issue was addressed with improved checks.</p>
<p style="margin-left: 40px;">CVE-2020-9939: @jinmo123, @setuid0x0_, and @insu_yun_en of @SSLab_Gatech working with Trend Micro’s Zero Day Initiative</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>Security</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: An application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: A logic issue was addressed with improved restrictions.</p>
<p style="margin-left: 40px;">CVE-2020-9864: Alexander Holodny</p>
<p><strong>Security</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: An attacker may have been able to
impersonate a trusted website using shared key material for an
administrator added certificate</p>
<p style="margin-left: 40px;">Description: A certificate validation
issue existed when processing administrator added certificates. This
issue was addressed with improved certificate validation.</p>
<p style="margin-left: 40px;">CVE-2020-9868: Brian Wolff of Asana</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>Security</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6</p>
<p style="margin-left: 40px;">Impact: An application may be able to gain elevated privileges</p>
<p style="margin-left: 40px;">Description: A logic issue was addressed with improved validation.</p>
<p style="margin-left: 40px;">CVE-2020-9854: Ilias Morad (A2nkF)</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>sysdiagnose</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A local attacker may be able to elevate their privileges</p>
<p style="margin-left: 40px;">Description: An issue existed within the
path validation logic for symlinks. This issue was addressed with
improved path sanitization.</p>
<p style="margin-left: 40px;">CVE-2020-9901: Tim Michaud (@TimGMichaud)
of Leviathan, Zhongcheng Li (CK01) from Zero-dayits Team of Legendsec at
Qi'anxin Group</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020, updated August 31, 2020</span>
</p><p><strong>Vim</strong></p>
<p style="margin-left: 40px;">Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6</p>
<p style="margin-left: 40px;">Impact: A remote attacker may be able to cause arbitrary code execution</p>
<p style="margin-left: 40px;">Description: This issue was addressed with improved checks.</p>
<p style="margin-left: 40px;">CVE-2019-20807: Guilherme de Almeida Suckevicz</p>
<p><strong>WebDAV</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A sandboxed process may be able to circumvent sandbox restrictions</p>
<p style="margin-left: 40px;">Description: This issue was addressed with improved entitlements.</p>
<p style="margin-left: 40px;">CVE-2020-9898: Sreejith Krishnan R (@skr0x1C0)</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 8, 2020</span>
</p><p><strong>Wi-Fi</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory</p>
<p style="margin-left: 40px;">Description: An out-of-bounds read was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud (bugcloud.360.cn)</p>
<p><strong>Wi-Fi</strong></p>
<p style="margin-left: 40px;">Available for: macOS Mojave 10.14.6, macOS High Sierra 10.13.6, macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: An application may be able to execute arbitrary code with kernel privileges</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9899: Yu Wang of Didi Research America</p>
<p style="margin-left: 40px;"><span class="note">Entry added July 24, 2020</span>
</p><p><strong>Wi-Fi</strong></p>
<p style="margin-left: 40px;">Available for: macOS Catalina 10.15.5</p>
<p style="margin-left: 40px;">Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory</p>
<p style="margin-left: 40px;">Description: A memory corruption issue was addressed with improved input validation.</p>
<p style="margin-left: 40px;">CVE-2020-9906: Ian Beer of Google Project Zero</p>
<p><span class="note">Entry added July 24, 2020</span></p>
</div>
</div>
<div>
<div><p><img alt="" src="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/divider.png"></p>
</div>
</div>
<div>
<h2>Additional recognition</h2>
<div><p><strong>CoreFoundation</strong></p>
<p style="margin-left: 40px;">We would like to acknowledge Bobby Pelletier for their assistance.</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 8, 2020</span>
</p><p><strong>ImageIO</strong></p>
<p style="margin-left: 40px;">We would like to acknowledge Xingwei Lin of Ant-financial Light-Year Security Lab for their assistance.</p>
<p style="margin-left: 40px;"><span class="note">Entry added September 21, 2020</span>
</p><p><strong>Siri</strong></p>
<p style="margin-left: 40px;">We would like to acknowledge Yuval Ron,
Amichai Shulman, and Eli Biham of the Technion - Israel Institute of
Technology for their assistance.</p>
<p style="margin-left: 40px;"><span class="note">Entry added August 5, 2020</span>
</p><p><strong>USB Audio</strong></p>
<p style="margin-left: 40px;">We would like to acknowledge Andy Davis of NCC Group for their assistance.</p>
</div>
</div>
</div>
<div class="sosumi"><p>Information
about products not manufactured by Apple, or independent websites not
controlled or tested by Apple, is provided without recommendation or
endorsement. Apple assumes no responsibility with regard to the
selection, performance, or use of third-party websites or products.
Apple makes no representations regarding third-party website accuracy or
reliability. <a href="http://support.apple.com/kb/HT2693">Contact the vendor</a> for additional information.</p>
</div>
<div class="mod-date">
<span>Published Date:</span>&nbsp;<time datetime="2020-12-15" itemprop="datePublished">December 15, 2020</time>
</div>
</div>
</div>
</div>
</div>
</section>
</div>
</div>
<div id="helpful-rating-wrapper">
<div id="helpful" class="ratings">
<div id="question-state" class="show">
<fieldset>
<legend>
<div id="okapi-a">
<span>Helpful?</span>
</div>
</legend>
<div class="helpful-btn-grp">
<button class="button" id="yes-button" data-ss-analytics-link-component_name="helpful" data-ss-analytics-link-component_type="helpful" data-ss-analytics-link-text="yes" data-ss-analytics-event="acs.link_click" title="Solved my problem">
Yes
</button>
<button class="button" id="no-button" data-ss-analytics-link-component_name="helpful" data-ss-analytics-link-component_type="helpful" data-ss-analytics-link-text="no" data-ss-analytics-event="acs.link_click" title="Not helpful">
No
</button>
</div>
</fieldset>
</div>
<div id="feedback-state" class="form-element form-textbox-labelbelow hide">
<form autocomplete="off">
<input type="hidden" id="form-counter-error-message" value="Maximum character limit is 250.">
<label id="feedback-label" htmlfor="feedback" data-no-label="Thanks for letting us know." data-yes-label="We’re glad this article helped."></label>
<div class="form-element form-textbox-labelbelow" id="feedback">
<textarea class="form-textbox form-textbox-textarea form-counter-textarea form-textbox-entered" data-no-placeholder="How can we make this article more helpful? (Optional)" data-yes-placeholder="Anything else you’d like us to know? (Optional)" data-max-length="250" aria-labelledby="optional_label" aria-describedby="char_limit_counter"></textarea>
<div class="form-textarea-paddingcover">
<div class="form-textarea-paddingcover-color"></div>
</div>
<span class="form-label" id="optional_label" aria-hidden="true"></span>
<div class="form-textbox-counter" id="char_limit_counter">
<span class="visuallyhidden" id="char-limit-message">Character limit:</span>
<span class="form-counter">250</span>
</div>
<label htmlfor="feedback-note">Please don’t include any personal information in your comment.</label>
<div class="form-message-wrapper">
<span class="form-message">Maximum character limit is 250.</span>
</div>
<button type="submit" class="button" id="submit-feedback">
Submit
</button>
</div>
</form>
</div>
<div id="rating-done" class="hide">
Thanks for your feedback.
</div>
<div id="results-helpful" class="show">
</div>
</div>
</div>
<div id="ask-widget-wrapper" class="css-not-downloaded discussions">
<div id="ask-widget">
<div class="contentWrapper">
<div class="sectionHeaderLayout">
<div class="icon"></div>
<div class="titleTextLayout">
<h2 class="title">Start a discussion <span id="discussion-subtitle">in&nbsp;Apple&nbsp;Support&nbsp;Communities</span></h2>
</div>
</div>
<div class="sectionFormInputLayout">
<form action="https://discussions.apple.com/create/question" id="question-form" method="get" data-ss-analytics-link-component_name="Start a discussion" data-ss-analytics-link-component_type="discussion" data-ss-analytics-link-text="Submit my question" data-ss-analytics-link-url="https://discussions.apple.com/create/question" data-ss-analytics-event="acs.link_click" data-ignore-tracking="true">
<span class="fieldwrap">
<label htmlfor="interactiveQuestionSearchField" class="a11y">
Ask other users about this article
</label>
<input type="hidden" id="discussionFormArticleId" name="articleId" value="HT211289">
<input type="hidden" id="ols_discussion_error_no_question" value="Please enter your question!">
<div class="form-element">
<input id="questionInputField" type="text" class="questionInputField form-textbox form-textbox-text" name="title" maxlength="255" aria-labelledby="placeholder-text" aria-invalid="false">
<span class="form-label" id="placeholder-text" aria-hidden="true">Ask other users about this article</span>
</div>
</span>
<div class="jive-widget-question-div clearfix" id="question-submit">
<input type="submit" class="questionSubmitFormButton button button-secondary button-compact" value="Submit my question">
</div>
<a data-ss-analytics-link-component_name="Start a discussion" data-ss-analytics-link-component_type="discussion" data-ss-analytics-link-text="See all questions on this article" data-ss-analytics-link-url="https://discussions.apple.com/article/HT211289" data-ss-analytics-event="acs.link_click" class="see-all-questions" href="https://discussions.apple.com/article/HT211289">
See all questions on this article
<span class="icon icon-chevronright" aria-hidden="true">
</span></a>
</form>
</div>
</div>
</div>
</div>
<div id="cas">
<div id="promo" class="one"></div>
</div>
<div id="flexbanner-wrapper">
<div id="flexbanner"></div>
</div>
<div class="footer-wrapper">
<footer id="ac-globalfooter" dir="ltr" class="js no-touch svg no-ie7 no-ie8 footer-global" data-analytics-region="global footer" role="contentinfo" aria-labelledby="ac-gf-label" lang="en-us">
<div class="ac-gf-content">
<h2 class="ac-gf-label" id="ac-gf-label">Apple Footer</h2>
<nav class="ac-gf-breadcrumbs" aria-label="Breadcrumbs" role="navigation">
<a href="https://www.apple.com/" class="home ac-gf-breadcrumbs-home">
<span class="ac-gf-breadcrumbs-home-icon" aria-hidden="true"></span>
<span class="ac-gf-breadcrumbs-home-label">Apple</span>
<span class="ac-gf-breadcrumbs-home-chevron"></span>
<span class="ac-gf-breadcrumbs-home-mask"></span>
</a>
<div class="ac-gf-breadcrumbs-path">
<ol class="ac-gf-breadcrumbs-list" vocab="http://schema.org/" typeof="BreadcrumbList">
<li class="ac-gf-breadcrumbs-item" property="itemListElement" typeof="ListItem">
<span property="name">
<a href="https://support.apple.com/">Support</a>
</span>
<meta property="position" content="1">
</li>
<li class="ac-gf-breadcrumbs-item" property="itemListElement" typeof="ListItem">
<span property="name">About the security content of macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra</span>
<meta property="position" content="2">
</li>
</ol>
</div>
</nav>
<section class="ac-gf-footer" vocab="https://schema.org/" typeof="Organization"> <div class="ac-gf-footer-shop" x-ms-format-detection="none"></div> <div class="ac-gf-footer-locale"> <a class="ac-gf-footer-locale-link" href="https://support.apple.com/en-us/HT211289/localeselector" title="Choose your country or region" aria-label="United States. Choose your country or region">United States</a> </div> <div class="ac-gf-footer-legal"> <div class="ac-gf-footer-legal-copyright">Copyright © 2021 Apple Inc. All rights reserved.</div> <div class="ac-gf-footer-legal-links"> <a class="ac-gf-footer-legal-link analytics-exitlink" href="https://www.apple.com/legal/privacy/en-ww/">Privacy Policy</a> <a class="ac-gf-footer-legal-link analytics-exitlink" href="https://www.apple.com/legal/internet-services/terms/site.html">Terms of Use</a> <a class="ac-gf-footer-legal-link analytics-exitlink" href="https://www.apple.com/shop/goto/help/sales_refunds">Sales and Refunds</a> <a class="ac-gf-footer-legal-link" href="https://www.apple.com/sitemap/">Site Map</a></div> </div> <meta content="Apple" property="name"> <meta content="1-800-692-7753" property="telephone"> </section>
</div>
</footer>
</div>
<script src="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/FujiStitchPath.js" type="text/javascript" charset="utf-8"></script>
<script src="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/app-ht-route.js" type="text/javascript" charset="utf-8"></script>
<script src="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/accsoffer.js" type="text/javascript" charset="utf-8"></script>
<script src="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/ac-globalnav.js" type="text/javascript" charset="utf-8"></script><div id="ac-gn-viewport-emitter"> </div>
<script src="About%20the%20security%20content%20of%20macOS%20Catalina%2010.15.6,%20Security%20Update%202020-004%20Mojave,%20Security%20Update%202020-004%20High%20Sierra%20-%20Apple%20Support_files/launch.js" type="text/javascript" charset="utf-8"></script><script>_satellite["_runScript1"](function(event, target, Promise) {
try{
window._analytics = window._analytics || {};
var mag_glass = document.getElementById("ac-gn-link-search"),
search_input = document.getElementById("ac-gn-searchform-input");
function get_index(linkText){
var arr = document.getElementById("ac-gn-searchresults").getElementsByTagName("li"),
count = 1;
while (count > 0) {
if (arr[count - 1].textContent.trim().toLowerCase() === linkText) {
break;
} else {
count++;
}
}
return count;
}
function scrape_link_data(link, linktype){
var text = link.textContent.trim().toLowerCase(),
dest = link.getAttribute("href").toLowerCase();
window._applemd.search = {
location: "globalnav_support",
link_type: linktype,
dest_url: dest,
link_text: text,
link_index: get_index(text),
dest_platform: _satellite.getVar("FN:Get_Link_Dest_Platform")(dest)
}
}
//set beacon for mag glass click
if (!!mag_glass && !mag_glass.getAttribute("data-analytics-listener-added")) {
mag_glass.setAttribute("data-analytics-listener-added", "true")
mag_glass.addEventListener("mousedown", function () {
window._applemd.search = {
name: "click-mag-glass",
link_type: "acs",
link_text: "internal search"
}
_satellite.track("search");
setTimeout(function(){
window._applemd.search = {};
}, 200)
});
}
function link_selected_event(event){
var target = event.target,
link_found = false;
try {
//bolded text in dropdown links is captured here.
if (target.tagName !== "A" && target.parentElement.tagName === "A") {
target = target.parentElement;
}
//quick link
if (target.classList.contains("ac-gn-searchresults-link") && !(target.classList.contains("ac-gn-searchresults-link-suggestions"))) {
scrape_link_data(target, "quicklink");
link_found = true;
}
//suggested search link
else if (target.classList.contains("ac-gn-searchresults-link-suggestions")) {
scrape_link_data(target, "suggested search");
link_found = true;
}
} catch(e) { }
return link_found;
}
//listen for clicks on quick links
if(!window._analytics.document_listener_added){
window._analytics.document_listener_added = true;
document.addEventListener("mousedown", function (event) {
if(link_selected_event(event)){
_satellite.track("search");
}
})
}
//race condition prevents this edge case, page navigates and deselects 'current' before tracking event can fire
//track user navigates to link with arrow keys and hits enter
if(!window._analytics.document_key_listener_added){
window._analytics.document_key_listener_added = true;
document.addEventListener("keyup", function (event) {
window._applemd.search = {};
var current = document.getElementsByClassName("ac-gn-searchresults-link current")[0] || document.querySelector('a[data-focus-method="key"]');
link_selected_event({target:current})
})
document.addEventListener("keydown", function (event) {
if (event.keyCode === 13 && !!_applemd.search && !!_applemd.search.link_type) {
_satellite.track("search");
}
})
}
//track user type search term and hits enter key
if (!!search_input && !search_input.getAttribute("data-analytics-key-listener-added")) {
search_input.addEventListener("keydown", function (event) {
search_input.setAttribute("data-analytics-key-listener-added", "true");
if (event.keyCode === 13) {
input = search_input.value.trim().toLowerCase();
if (input) {
window._applemd.search = {
location: "globalnav_support",
link_type: "user",
link_text: input,
dest_url: "https://support.apple.com/kb/index",
dest_platform: _satellite.getVar("FN:Get_Link_Dest_Platform")("https://support.apple.com/kb/index")
}
_satellite.track("search");
}
}
});
}
}catch(e){}
});</script>
<div id="apd-aria-live-region" aria-live="polite" role="status" class="a11y"></div>
</body></html>