Security Update 2017-001 10.11.6 Crashes

richardfromgiralang wrote:

Ditto for me - two Macs, one old one running OSX El Capitan and a new one running High Sierra, the patches loaded automatically overnight a couple of weeks back next morning both were KPing, I reloaded the OSX on each and did the updates one at a time but haven't put the Security one in again I was waiting to see if Apple came out with another one that would fix the issue.....oh I did initially remove all the apps that were booting and that made no difference still the KPing (and a lot of wasted time)

KPing? Do you mean Kernel Panic?

This thread was resolved by removing 3rd party software that was causing a kernel panic. There is a very good chances that your problem is also 3rd party kernel extensions that you installed.

While I do not know what 3rd party software you have installed, I am fairly sure that Apple is not going to provide a new fix for that software. That would be up to the 3rd party vendor, or for you to remote the 3rd party software (and removing an app that install a kernel extension generally requires running that app's official un-installer, not dragging the app to the trash).

If you want help with your kernel panics, I would suggest you start a new thread (see the "Post" button at the top of this page), and in your new thread, post a few of the most recent kernel panic reports

Kernel Panic reports: Finder -> Go -> Go to Folder -> /Library/Logs/DiagnosticReports

<http://support.apple.com/kb/ht2546>

<http://support.apple.com/en-us/HT200553>

The panic report should have "panic" in the file name.

And then post the EtreCheck output

<https://discussions.apple.com/docs/DOC-6174> or <https://etrecheck.com>

Use the EtreCheck -> Edit -> Copy Report (See the image below)

And then Paste the report as a "Reply" to this thread.

If, AND ONLY IF, you get the error:

"The message contains invalid characters"

then try posting to PasteBin.com, and give us a PasteBin URL link.

<http://pastebin.com/>

.

EtreCheck is a tool that helps Apple Support Community volunteers debug problems without any access to the troubled computers. Debugging problems can be a difficult task even when the machine is in front of you. Attempting it via a discussion forum is extremely difficult. EtreCheck is a great help that regards.

There is a very good chance you will get the help you need by doing that, and since it is a new thread you started it will not be sending mixed replies that may or may not have anything to do with your problem, vs the other people replying in this thread.

Have you tried downloading and installing the standalone download, Download Security Update 2018-001 (El Capitan).

run Disk Utility First Aid before installing, make sure your Macs have enough free disk space, at least 15GBs.

If you have any apps that start at login in remove them from System Preferences> Users & Groups> Login Items. Select each app and click on the minus button to remove them.

If you have any apps that interfere with downloads, i.e anti-virus, uninstall them using the developers instructions, anti- virus is not needed.

If High Sierra panics, ncryptedcloud is a candidate to check, but you would really need to analyze the High Sierra panic to make sure you correctly identified what caused the panic.

I know you are NOT panic'ing now, so this would just be for future reference. You can get the panic report from

Kernel Panic reports: Finder -> Go -> Go to Folder -> /Library/Logs/DiagnosticReports

<http://support.apple.com/kb/ht2546>

<http://support.apple.com/en-us/HT200553>

The panic report should have "panic" in the file name.

And then you get the EtreCheck report (as asked for in previous replies to this thread)

<https://discussions.apple.com/docs/DOC-6174> or <https://etrecheck.com>

and post both of them in a new High Sierra forum post

It may turn out to be ncryptedcloud, but we do not have a crystal ball to predict the future.

No bugs in the security update. The downloads from the apple Downloads site are the same as th ones on the App Store, but they are less prone to failure.

Apps that open on restart or login can affect downloads that are trying to install especially security updates or OS updates, it is advised to disable them.

You are not speaking to Apple here, just users like yourself.

No but it does not mean there aren't. But the listings here are not full of people having problems.

Why do you feel the need to reinstall El Capitan, will it not just simply restart.

You could try running this, http://etrecheck.com/ and then post the report back here.

It is useful for evaluating Mac systems.

Alex, you are not the only one! I am on a MacBook Pro, El Capitan 10.11.6, and this security update killed my machine as it did to yours. Fortunately I had a Time Machine backup, but I had to recover the whole computer from it - very tme consuming. Security Update 2017-001 10.11.6 Crashes at least some user machines!

But now it is time to find out that el capitan is not supported as well anymore...

El Capitan is still being supported. And I applied the most recent El Capitan update to my iMac without any problems.

Generally when someone applies a macOS change and thing start to panic, it is because they have 3rd party software that installs a kernel extensions that cheats and does not use approved APIs inside the kernel. When the code or data structures they are uses change, they cause the system to panic. This is the overwhelming cause of kernel panics immediately after a macOS update/upgrade.

alexd0001 wrote:

Hey, but it works with same Software after upgrade on HighSierra? - There are the same Kernel-Extensions like in el capitan installed! But a simple upgrade to HighSierra from El CapitanThis should have the same Kernel Panic.

My day job is a kernel developer for a Unix based file system. Based on my experience with different Unix kernel releases over the years, I expect that the macOS kernel will have differences for El Capitan, Sierra and High Sierra, and the resulting security patches will have to be tailored for each specify release.

In addition, High Sierra introduces a brand new file system, so if you have an SSD, you will be running it. It is possible that the panics are caused by 3rd party software sticking their fingers into the old HFS+ file system code, and since you would have stopped using that file system on High Sierra, the 3rd party software would not be looking at active kernel code on your system.

Or the way High Sierra kernel was changed did not cause 3rd party software to touch something dangerous, or the timing is different, or the other macOS software using kernel services has changed, and this does not generate the situation that caused 3rd party software to panic, etc...

Any code that runs in a kernel extension has 100% full access to everything on the system, and there is nothing to stop it from looking at anything or doing anything. The only way kernel extensions play nice and do not panic the system is if they use approved APIs that take the proper looks when looking at data structures, so things do not change out from under them. For example a kernel extension that decides it can walk a linked list without taking the proper protection lock can have a link pointer changed to ZERO and when it follows that link, it will panic as location zero is always undefined, or the data structure might be freed, and the forward link changed to 0xdeadbeefdeadbeef, also an invalid address. This kind of failure is totally timing dependent, and almost impossible to predict.