Why are security updates not happening?

VikingOSX wrote:

What terminology would you use to qualify pushed Apple security updates that are not presented via customary visual update interfaces?

Apple uses the term "background updates" - About background updates in macOS - Apple Support

My use of "silently" had no clandestine portent at all, and was my own choice of word for operating system events that occur unannounced to the user.

I didn't mean to imply that your "use" of the term had any ulterior motive. However, I really don't think it was your own choice. It was a term adopted exclusively for Apple updates and you, like many other people, simply adopted it. But the problem is that when one adopts someone else's terminology, they are implicitly supporting that specific, contextual use of the word.

Here is an example Google search:

The first two hits are from Apple, where the world "silent" does not occur at all. The next hit is a popular Mac site that flat out tells people this is something to be stopped. Then we have Howard Oakley, who doesn't know how these updates actually happen, but claims they are actually a security vulnerability.

The last one from 2014 is quite interesting. This is one of the first times this term was used in this context. In the article, they compare it (favourably) to Windows' "automatic updates" where, unlike on Windows, these updates don't require a restart.

I'm not trying to pick on you. I'm just using you as an example. Even if someone doesn't subscribe to the Apple fear-mongering, if they use that terminology, then it implies support. Even if you were using the term first, it has been co-oped to mean something sinister.

Try creating a Catalina installer on a flash drive according to this Apple document: How to create a bootable installer for macOS - Apple Support

It will install the latest Catalina version possible and will include Gatekeeper.

ChangeAgent wrote:

Thank you folks.

Remains the question, for me, why on one Mac I have version Gatekeeper 94, 8.0 and on an other 181, 8.0. Both detected by SilentKnight?

Maybe you missed the point—You do not have to micro manage the security updates.

If you have issues w/ your third party app‚ good question for the developer of your third party app —

search Support/Help/FAQ/known issues/compatibility:

Contact a third party vendor

https://support.apple.com/en-us/HT201777

A few years ago, it was all the rage among these internet security researchers to spread fear-mongering about Apple’s security updates. The problem is, none of these people actually understand how those updates work. And now, you are the one stuck in the middle.

ChangeAgent wrote:

Any other way of checking that it is up-to-date?

Purchase a new computer, install the operating system with no 3rd party software or user files. Then, compare each file in the operating system between the two computers using a suitable checksum algorithm.

When Apple has MRT and XProtect security updates ready to distribute, they will push them silently to your Mac's supported operating system, and a record of these are viewable under System Information > Software > Installations. Apple does not guarantee any predictable timetable for these security updates.

ChangeAgent wrote:

Are you serious?

LOL, of course not! Maybe I shouldn't have edited out that part about you quitting your job so you could focus on ensuring the integrity of your updates.

Here's the deal. A number of self-taught internet security researchers have decided they are also computer programmers and have started writing their own tools to check for malware, check for missing updates, and various other fear-mongering tasks. But suppose one of these apps tells you that an Apple file on a read-only system volume is infected with malware. Or, as in this case, they've told you that you are missing an important Apple update. What are you supposed to do? That's not a rhetorical question. I'm sincerely asking you what your remediation is in this case. If you don't know, ask the developer of that tool.

Please understand that I totally realize you didn't mention malware. I know that. But this is a community based on fear-mongering. It's not different than Qanon or any other internet conspiracy theory. You get pulled in with the softer stuff and then they feed you a little bit more, and before you know it, the government hackers are tracking you across all your devices. I see these kinds of posts here in the forum on a regular basis.

Don't assume that you are immune. Even someone like VikingOSX isn't immune. Did you notice how he used the word "silently"? That's because the fear-scape has trained people to talk about certain Apple updates as "silent", mysterious, maybe even malicious. Certainly VikingOSX hasn't fallen for the trap, but he's repeating the language. Nobody ever, not even once, used the word "silently" in reference to the standard practice of 3rd party security apps updating their malware definitions. It was only when Apple started doing its own checks that it became something sinister.

Apple simply doesn't document how the operating system applies updates like these. Therefore, any 3rd party app that tells you that Apple is doing something wrong must have some kind of basis for making that judgement. But they don't. They are simply making it up to string you along. Don't fall for it.

VikingOSX wrote:

Apple does not guarantee any predictable timetable for these security updates.

Nor does Apple guarantee any version numbering scheme with respect to these updates. Major installs or system updates are liable to reset the version number to something very ancient.

ChangeAgent wrote:

why on one Mac I have version Gatekeeper 94, 8.0 and on an other 181, 8.0. Both detected by SilentKnight?

...

I see nothing that helps.

Right there with you...right there with you.

What terminology would you use to qualify pushed Apple security updates that are not presented via customary visual update interfaces? My use of "silently" had no clandestine portent at all, and was my own choice of word for operating system events that occur unannounced to the user.

ChangeAgent wrote:

1- How do I know the computer software is up to date? Specifically the one SilentKnight reports. Is there an other way to find this info?

As I mentioned above, only partially in jest, if you do not trust the system update mechanism, then your only choice is to compare the data on your computer with the data on a different, pristine, fully-updated computer. You have to check the data. You can’t just check the version as SilentKnight does because that approach is wrong.

This will require you to obtain detailed knowledge about where this data is stored on the system. Note that there is no guarantee that you will even be able to access this data because Apple sometimes uses structures known as Data Vaults that are only accessible to Apple. I don’t know if Apple uses Data Vaults for this information, I’m just pointing out that you may have to disable your system security protections in order to manually verify those system protections.

And this is a catch-22 as well. How are you going to verify that your baseline computer, itself, is up to date?

2- If I set the panel as in Pic1, will it update itself?

Yes.

We can agree on the term "background updates." I have been using the "silently" terminology before there were personal computers and Macs available, probably from my former military and security classification days.

You can try it from the Recovery partition but I was worried that it might not have the missing Gatekeeper version either. But it would be quicker to give it a try and see. If not then you can go the flash drive route.