- Using Apple Configurator 2
- Apple Configurator 2 Requirements
- Apple Configurator 1.7.2 Download
- Apple Configurator 2.5 For Windows
- Apple Configurator 2 For Windows 10
About Apple security updates
Apple Configurator is an application developed by Apple Inc. And is available for free download on the Mac App Store.It was first launched in March 2012. It replaces the iPhone Configuration Utility. The application allows for mass-configuration of iOS devices such as iPhone, iPad and iPod touch and tvOS devices such as Apple TV for business and educational organizations. The current version of Mac OS is 10.4. Since you cannot have that installed on your computer the App Store will not let you have the current version of the Configurator. I am running 10.4 and I also have the Configurator, and it works fine but I have no way to test it on a prior version of Mac OS.
IOS 8.0+ (Personal and supervised devices) iOS 7.0+ (DEP enrollments) iOS 11.0+ (Enrollment using Apple Configurator 2) macOS 10.13+ (Enrollments) Windows. After Apple has released Supplemental Updates to macOS 10.13.6 for the new MacBook Pros, we can just use them to install the updated version of 10.13.6 with CFL support. As the installers are only compatible with 10.13.6, you'll first need to update to the 'official' version through the Mac App Store.
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.
Apple security documents reference vulnerabilities by CVE-ID when possible.
macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
Released December 6, 2017
APFS
Available for: macOS High Sierra 10.13.1
Impact: APFS encryption keys may not be securely deleted after hibernating
Description: A logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management.
CVE-2017-13887: David Ryskalczyk
Entry added June 21, 2018
apache
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1 Baca komik initial d bahasa indonesia translate.
Impact: Processing a maliciously crafted Apache configuration directive may result in the disclosure of process memory
Description: Multiple issues were addressed by updating to version 2.4.28.
CVE-2017-9798: Hanno Böck
Entry updated December 18, 2018
Auto Unlock
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
CVE-2017-13905: Samuel Groß (@5aelo)
Entry added October 18, 2018
CFNetwork Session
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-7172: Richard Zhu (fluorescence) working with Trend Micro's Zero Day Initiative
Entry added January 22, 2018
Contacts
Available for: macOS High Sierra 10.13.1
Impact: Sharing contact information may lead to unexpected data sharing
Description: An issue existed in the handling of Contact sharing. This issue was addressed with improved handling of user information.
CVE-2017-13892: Ryan Manly of Glenbrook High School District 225
Entry added October 18, 2018
CoreAnimation
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with elevated privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-7171: 360 Security working with Trend Micro's Zero Day Initiative, and Tencent Keen Security Lab (@keen_lab) working with Trend Micro's Zero Day Initiative
Entry added January 22, 2018
CoreFoundation
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
CVE-2017-7151: Samuel Groß (@5aelo)
Entry added October 18, 2018
curl
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: Malicious FTP servers may be able to cause the client to read out-of-bounds memory
Description: An out-of-bounds read issue existed in the FTP PWD response parsing. This issue was addressed with improved bounds checking.
CVE-2017-1000254: Max Dymond
Directory Utility
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Not impacted: macOS Sierra 10.12.6 and earlier
Impact: An attacker may be able to bypass administrator authentication without supplying the administrator’s password
Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.
CVE-2017-13872
ICU
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: An integer overflow was addressed through improved input validation.
CVE-2017-15422: Yuan Deng of Ant-financial Light-Year Security Lab
Entry added March 14, 2018
Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13883: Yu Wang of Didi Research America
CVE-2017-7163: Yu Wang of Didi Research America
CVE-2017-7155: Yu Wang of Didi Research America
Entry updated December 21, 2017
Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: A local user may be able to cause unexpected system termination or read kernel memory
Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.
CVE-2017-13878: Ian Beer of Google Project Zero
Intel Graphics Driver
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: An out-of-bounds read was addressed through improved bounds checking.
CVE-2017-13875: Ian Beer of Google Project Zero
IOAcceleratorFamily
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-7159: found by IMF developed by HyungSeok Han (daramg.gift) of SoftSec, KAIST (softsec.kaist.ac.kr)
Entry updated December 21, 2017
IOKit
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: An input validation issue existed in the kernel. This issue was addressed through improved input validation.
CVE-2017-13848: Alex Plaskett of MWR InfoSecurity
CVE-2017-13858: an anonymous researcher
IOKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with system privileges
Description: Multiple memory corruption issues were addressed through improved state management.
CVE-2017-13847: Ian Beer of Google Project Zero
IOKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-7162: Tencent Keen Security Lab (@keen_lab) working with Trend Micro's Zero Day Initiative
Entry updated January 10, 2018
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Using Apple Configurator 2
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13904: Kevin Backhouse of Semmle Ltd.
Entry added February 14, 2018
Kernel
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to read kernel memory (Meltdown)
Description: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.
CVE-2017-5754: Jann Horn of Google Project Zero; Moritz Lipp of Graz University of Technology; Michael Schwarz of Graz University of Technology; Daniel Gruss of Graz University of Technology; Thomas Prescher of Cyberus Technology GmbH; Werner Haas of Cyberus Technology GmbH; Stefan Mangard of Graz University of Technology; Paul Kocher; Daniel Genkin of University of Pennsylvania and University of Maryland; Yuval Yarom of University of Adelaide and Data61; and Mike Hamburg of Rambus (Cryptography Research Division)
Entry updated January 5, 2018
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13862: Apple
CVE-2017-13867: Ian Beer of Google Project Zero
Entry updated December 21, 2017
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2017-7173: Brandon Azad
Entry updated January 11, 2018
Kernel
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2017-13876: Ian Beer of Google Project Zero
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: A type confusion issue was addressed with improved memory handling.
CVE-2017-13855: Jann Horn of Google Project Zero
Kernel
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13865: Ian Beer of Google Project Zero
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input sanitization.
CVE-2017-13868: Brandon Azad
CVE-2017-13869: Jann Horn of Google Project Zero
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: A local user may be able to cause unexpected system termination or read kernel memory
Description: An input validation issue existed in the kernel. This issue was addressed through improved input validation.
CVE-2017-7154: Jann Horn of Google Project Zero
Entry added December 21, 2017
Mail
Available for: macOS High Sierra 10.13.1
Impact: A S/MIME encrypted email may be inadvertently sent unencrypted if the receiver's S/MIME certificate is not installed
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2017-13871: Lukas Pitschl of GPGTools
Entry updated December 21, 2017
Mail Drafts
Available for: macOS High Sierra 10.13.1
Impact: An attacker with a privileged network position may be able to intercept mail
Description: An encryption issue existed with S/MIME credentials. The issue was addressed with additional checks and user control.
CVE-2017-13860: Michael Weishaar of INNEO Solutions GmbH
Entry updated January 10, 2018
OpenSSL
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read issue existed in X.509 IPAddressFamily parsing. This issue was addressed with improved bounds checking.
CVE-2017-3735: found by OSS-Fuzz
Perl
Available for: macOS Sierra 10.12.6
Impact: This bugs can allow remote attackers to cause a denial of service
Description: Public CVE-2017-12837 was addressed by updating the function in Perl 5.18
CVE-2017-12837: Jakub Wilk
Entry added October 18, 2018
Screen Sharing Server
Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.1
Impact: A user with screen sharing access may be able to access any file readable by root
Description: A permissions issue existed in the handling of screen sharing sessions. This issue was addressed with improved permissions handling.
CVE-2017-7158: Trevor Jacques of Toronto
Entry updated December 21, 2017
SIP
Available for: macOS High Sierra 10.13.1
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A configuration issue was addressed with additional restrictions.
CVE-2017-13911: Timothy Perfitt of Twocanoes Software
Entry updated August 8, 2018, updated September 25, 2018
Wi-Fi
Available for: macOS High Sierra 10.13.1
Impact: An unprivileged user may change Wi-Fi system parameters leading to denial of service
Description: An access issue existed with privileged Wi-Fi system configuration. This issue was addressed with additional restrictions.
CVE-2017-13886: David Kreitschmann and Matthias Schulz of Secure Mobile Networking Lab at TU Darmstadt
Entry added May 2, 2018
Additional recognition
Mail
We would like to acknowledge Jon Bottarini of HackerOne for their assistance.
Entry added February 6, 2020
When you upgrade to macOS Catalina, you get more of everything you love about Mac. Experience dedicated apps for music, TV, and podcasts. Smart new features in the apps you use every day. And Sidecar, which lets you use iPad as a second Mac display. Best of all, upgrading is free and easy.
Chances are, your Mac can run macOS Catalina.
Mac computers with Metal-capable graphics processors (GPUs) can upgrade to macOS Catalina.
Make sure you’re ready to upgrade.
Before you upgrade, we recommend that you back up your Mac. Then, if your Mac is running OS X Mavericks 10.9 or later, you can upgrade directly to macOS Catalina.
Upgrading is free. And easier than you think.
Upgrading from macOS Mojave?
Go to Software Update in System Preferences to find the macOS Catalina upgrade. Click Upgrade Now and follow the onscreen instructions to begin your upgrade. If you don’t have broadband access, you can upgrade your Mac at any Apple Store.
Upgrading from an older version of macOS?
If you’re running High Sierra (10.13), Sierra (10.12), or El Capitan (10.11), upgrade to macOS Catalina from the App Store. If you’re running Lion (10.7) or Mountain Lion (10.8), you will need to upgrade to El Capitan (10.11) first. If you don’t have broadband access, you can upgrade your Mac at any Apple Store.
- OS X 10.9 or later
- 4GB of memory
- 12.5GB of available storage (OS X El Capitan 10.11.5 or later)*
- Some features require an Apple ID; terms apply.
- Some features require a compatible internet service provider; fees may apply.
For details about your Mac model, click the Apple icon at the top left of your screen and choose About This Mac. These Mac models are compatible with macOS Catalina:
- MacBook (Early 2015 or newer)
- MacBook Air (Mid 2012 or newer)
- MacBook Pro (Mid 2012 or newer)
- Mac mini (Late 2012 or newer)
- iMac (Late 2012 or newer)
- iMac Pro (2017)
- Mac Pro (Late 2013 or newer)
Siri
Requires a broadband internet connection and microphone (built-in or external).
Hey Siri
Supported by the following Mac models:
- MacBook Pro (2018 or newer)
- MacBook Air (2018 or newer)
- iMac Pro
Dictation, Voice Control, and Voice Memos
Requires a microphone (built-in or external).
Spotlight Suggestions
Requires a broadband internet connection.
Gestures
Requires a Multi-Touch trackpad, Force Touch trackpad, Magic Trackpad, or Magic Mouse.
Force Touch gestures require a Force Touch trackpad.
VoiceOver gestures require a Multi-Touch trackpad, Force Touch trackpad, or Magic Trackpad.
Photo Booth
Requires a FaceTime or iSight camera (built-in or external), or USB video class (UVC) camera.
FaceTime
Audio calls require a microphone (built-in or external) and broadband internet connection.
Video calls require a built-in FaceTime camera, an iSight camera (built-in or external), or a USB video class (UVC) camera; and broadband internet connection.
Apple TV
High Dynamic Range (HDR) video playback is supported by the following Mac models:
- MacBook Pro (2018 or newer)
- iMac Pro (2017)
- Mac Pro (2019) with Pro Display XDR
Dolby Atmos soundtrack playback is supported by the following Mac models:
- MacBook Air (2018 or newer)
- MacBook Pro (2018 or newer)
Apple Configurator 2 Requirements
Sidecar
Supported by the following Mac models:
- MacBook (2016 or newer)
- MacBook Air (2018 or newer)
- MacBook Pro (2016 or newer)
- Mac mini (2018 or newer)
- iMac (late 2015 or newer)
- iMac Pro (2017 or newer)
- Mac Pro (2019)
Supported by all iPad models with Apple Pencil support:
- 12.9-inch iPad Pro
- 11-inch iPad Pro
- 10.5-inch iPad Pro
- 9.7-inch iPad Pro
- iPad (6th generation or later)
- iPad mini (5th generation)
- iPad Air (3rd generation)
Continuity Camera
Requires an iPhone or iPad with a Lightning connector and iOS 12 or later.
Continuity Sketch and Continuity Markup
Requires an iPhone with iOS 13 or an iPad with iPadOS.
Handoff
Requires an iPhone or iPad with a Lightning connector and iOS 8 or later.
Instant Hotspot
Requires an iPhone or iPad with cellular connectivity, a Lightning connector, and iOS 8.1 or later. Requires Personal Hotspot service through your carrier.
Universal Clipboard
Requires an iPhone or iPad with a Lightning connector and iOS 10 or later.
Auto Unlock
Supported by Mac models introduced in mid 2013 or later.
Requires an Apple Watch with watchOS 3 or later or an iPhone 5 or later.
Approve with Apple Watch
Supported by Mac models introduced in mid 2013 or later.
Requires an Apple Watch with watchOS 6 or later or an iPhone 6s or later with iOS 13.
Apple Pay on the Web
Requires MacBook Pro with Touch Bar, an iPhone 6 or later with iOS 10 or later, or an Apple Watch with watchOS 3 or later.
Phone Calling
Requires an iPhone with iOS 8 or later and an activated carrier plan.
SMS
Requires an iPhone with iOS 8.1 or later and an activated carrier plan.
Home
Requires an iPhone with iOS 12 or later and a configured Home app.
AirDrop
AirDrop to iOS and iPadOS devices requires an iPhone or iPad with a Lightning connector and iOS 7 or later.
AirPlay
AirPlay Mirroring requires an Apple TV (2nd generation or later).
AirPlay for web video requires an Apple TV (2nd generation or later).
Peer-to-peer AirPlay requires a Mac (2012 or later) and an Apple TV (3rd generation rev A, model A1469 or later) with Apple TV software 7.0 or later.
Time Machine
Requires an external storage device (sold separately).
Apple Configurator 1.7.2 Download
Power Nap
Apple Configurator 2.5 For Windows
Supported by the following Mac models:
- MacBook (Early 2015 or newer)
- MacBook Air (Mid 2012 or newer)
- MacBook Pro with Retina display (Mid 2012 or newer)
- Mac mini (Late 2012 or newer)
- iMac (Late 2012 or newer)
- iMac Pro (2017)
- Mac Pro (Late 2013 or newer)
Boot Camp
Allows Boot Camp installations of Windows 10 on supported Mac models.
Exchange Support
Requires Microsoft Office 365, Exchange 2016, Exchange 2013, or Exchange Server 2010. Installing the latest Service Packs is recommended.
Windows Migration
Apple Configurator 2 For Windows 10
Supports OS X 10.7 or later and Windows 7 or later.
App Store
Available only to persons age 13 or older in the U.S. and many other countries and regions.
![Macos Macos](https://www.imore.com/sites/imore.com/files/styles/xlarge/public/field/image/2018/01/apple-configurator-install-3.jpeg?itok=ZxSCohjn)
- Apple Books
- Apple News
- App Store
- Automator
- Calculator
- Calendar
- Chess
- Contacts
- Dictionary
- DVD Player
- FaceTime
- Find My
- Font Book
- Home
- Image Capture
- Launchpad
- Maps
- Messages
- Mission Control
- Music
- Notes
- Photo Booth
- Photos
- Podcasts
- Preview
- QuickTime Player
- Reminders
- Safari
- Siri
- Stickies
- Stocks
- System Preferences
- TextEdit
- Time Machine
- TV
- Voice Memos
- Activity Monitor
- AirPort Utility
- Audio MIDI Setup
- Bluetooth File Exchange
- Boot Camp Assistant
- ColorSync Utility
- Console
- Digital Color Meter
- Disk Utility
- Grapher
- Keychain Access
- Migration Assistant
- Screenshot
- Screen Time
- Script Editor
- Sidecar
- System Information
- Terminal
- VoiceOver Utility
- Arabic
- Catalan
- Croatian
- Simplified Chinese
- Traditional Chinese
- Traditional Chinese (Hong Kong)
- Czech
- Danish
- Dutch
- English (Australia)
- English (UK)
- English (U.S.)
- Finnish
- French
- French (Canada)
- German
- Greek
- Hebrew
- Hindi
- Hungarian
- Indonesian
- Italian
- Japanese
- Korean
- Malay
- Norwegian
- Polish
- Brazilian Portuguese
- Portuguese
- Romanian
- Russian
- Slovak
- Spanish
- Spanish (Latin America)
- Swedish
- Thai
- Turkish
- Ukrainian
- Vietnamese