Software Update for macOS Venture 13.5.1

carpenter246 wrote:

If this prompt is genuine, then why does it ask me for my password before it can do the software update? Is it normal to ask for password before update can complete? Thanks.

Yes, this is normal for Macs with Apple silicon. It's because updates are tied to the Secure Boot system.

On most computers, a single security policy controls Secure Boot for all operating systems and software. Apple silicon Macs are different - every OS (or copy of macOS) is given its own security policy. The security policy (LocalPolicy) describes what version of macOS is installed, and whether the administrator has chosen to disable any secure boot protections.

Every Apple silicon Mac has a special keypair stored inside the Secure Enclave. The private portion is the Owner Identity Key (OIK), and it's responsible for signing every valid security policy stored on the system. To protect system security, this key is locked using your password. The public portion is certified by Apple during system activation, producing the Owner Identity Certificate - which causes your Mac to trust the OIK-signed security policy at boot time.

Now, back to your question. If you try to update without providing your login password, your Mac can't unlock the OIK, and therefore can't update the security policy. If your Mac were to update macOS without updating the security policy, the two would no longer match, and your Mac would refuse to start up. (It would probably head straight to Recovery and collect your login password to update the security policy accordingly.)

For more info:

Boot process for a Mac with Apple silicon - Apple Support (CA)

LocalPolicy signing-key creation and management - Apple Support (CA)

Contents of a LocalPolicy file for a Mac with Apple silicon - Apple Support (CA)

carpenter246 wrote:

I have set to install macOS updates auto. But I am still receiving a prompt that asks me to install software update. Is this normal? Could this be a virus? Please advise. Thanks.

https://discussions.apple.com/content/attachment/3f98c5eb-1010-4db5-9234-30777482faa1

"Could this be a virus?" — NO

Not a virus....

the current build is 13.5.1 (22G90)

A SafeBoot Use safe mode on your Mac - Apple Support will sort many anomalies— no need to log in, simply reboot after the Safeboot and compare your results.

if no resolve— you can delete the plist

Finder >Go>Go to Folder copy and paste:

~/Library/Preferences/com.apple.preferences.softwareupdate.plist

default plist get rebuild automatically on reboot

carpenter246 wrote:

Could this be a virus? Please advise. Thanks.

There are no known viruses, i.e. self propagating, for Macs.  There are, however, adware and malware which require the user to install although unwittingly most of the time thru sneaky links, etc.   

Anti Virus developers try to group all types as viruses into their ad campaigns of fear.  They do a poor job of the detecting and isolating the adware and malware.  Since there are no viruses these apps use up a lot of system resources searching for what is non-existent and adversely affect system and app performance.

There is one app, Malwarebytes, which was developed by a long time contributor to these forums and a highly respected member of the computer security community, that is designed solely to seek out adware and known malware and remove it.  The free version is more than adequate for most users.  

Follow on and excerpt from below link from Apple

Keep your Mac up to date - Apple Support (CA)

Set your Mac to check for software updates automatically

1. On your Mac, choose Apple menu  > System Settings, then click General  in the sidebar. (You may need to scroll down.)
2. Click Software Update on the right.
3. To set update options, click the Info button  for Automatic updates, then do any of the following:

• • To have your Mac check for updates automatically, turn on “Check for updates.”
  • To have your Mac download updates without asking, turn on “Download new updates when available.”
  • To have your Mac install macOS updates automatically, turn on “Install macOS updates.”
  • To have your Mac install application updates from the App Store automatically, turn on “Install app updates from the App Store.”
  • To have your Mac install system files and security updates automatically, turn on “Install Security Responses and System files.”

1. Click Done.

To receive the latest updates automatically, it’s recommended that you turn on “Check for updates,” “Download new updates when available,” and “Install Security Responses and System files.”

Note: MacBook, MacBook Pro, and MacBook Air must have the power adapter plugged in to automatically download updates.

Hi carpenter246,

This isn't a virus - it's a genuine update notification. The current latest version of macOS is macOS Ventura 13.5.1.

The prompt is simply there to notify you that your Mac will automatically update tonight. It's warning you now because when it's time to update later on, your Mac will restart and any unsaved work will be lost then.

The Password Requirement is to insure you are the Owner Of this computer

Much like in iOS updates for iPhones and iPads - to commence the download of an update or UpGrade does require the password ( PIN ) and will require the Password ( PIN ) a second time before the Installation is allowed to start.

Safety and Security implements by Apple

As the message says: and will be installed later tonight. That is a good thing. You don't want your mac to restart and be unavailable for 20 or 30 minutes right when you were working on it, do you?

Predicated on your profile as being accurate, which is not always true and accurate

User profile " MacBook Air 13″, macOS 13.4

If in fact this computer running any version Older than Ventura 13.5

The Notification below would be from Apple and Only Apple Servers notifying the user of the available update Ventura 13.5

It's good practice, IMO, to have an external SSD with a bootable clone, created with Carbon Copy Cloner, of my internal boot drive and use it for updates to made sure my apps will work with the new system updates. I use this setup for economy reasons and to easily swap out SSDs:

Yeah CCC is great. Even though it doesn't make bootable clones by default in Big Sur and later, it's super easy to make its backups bootable if need be - just install macOS on top of them.

Better yet, CCC 6 supports APFS snapshots - effectively providing backup history. I use it as a supercharged version of Time Machine :)

Encryptor5000 wrote:

Yeah CCC is great. Even though it doesn't make bootable clones by default in Big Sur and later,

That's not true. I've been making direct bootable clones of High Sierra, Mojave, Catalina and Ventura on an Intel iMac. Just do it like this: Using Carbon Copy Cloner to create a bootable external SSD of an Intel Mac boot drive - Apple Community

As I understand it one can make a complete clone of a silicon Mac but it won't be bootable as I don't have a silicon Mac to test on.

Great user tip! You're correct that CCC 6 can make a bootable copy if asked to, but unless you explicitly request it (as detailed in your user tip), as far as I'm aware it defaults to "standard backups" which only copy over the contents of the Data volume.

I haven't tested it yet on an Apple silicon Mac, but presumably a bootable clone should work in Monterey and later by going to Startup Disk in System Settings/Preferences, selecting the clone, and restarting from it. macOS should be smart enough to deal with volume ownership and such.

Nice Blow Up Image for better viewing by OP 😎