Cybersecurity Briefing — March 24, 2020
Apple released macOS Catalina 10.15.4 and Security Update 2020-002 for Mojave and High Sierra, patching actively exploited WebKit flaws and other kernel and mail vulnerabilities.
Executive briefing: Apple shipped macOS Catalina 10.15.4 and Security Update 2020-002 for Mojave and High Sierra on . The release addresses WebKit memory corruption issues, including vulnerabilities reported as exploited in the wild, plus kernel, Mail, and SMB fixes.
Why it matters: macOS endpoints used for remote work or developer builds faced active browser exploitation risk. Organizations need to accelerate deployment of the cumulative updates across supported macOS versions.
- Update all supported macOS: Deploy 10.15.4 or Security Update 2020-002 across Catalina, Mojave, and High Sierra devices; verify XProtect and Gatekeeper versions post-install.
- Prioritize browser users: Patch systems heavily using Safari/WebKit first to close active exploitation windows.
- Validate enterprise controls: Reconfirm kernel extensions, VPN clients, and endpoint agents remain functional after the update.
- Review release notes: Track CVEs resolved (e.g., WebKit, kernel, Mail) and monitor Apple security updates for any subsequent supplemental patches.
Continue in the Cybersecurity pillar
Return to the hub for curated research and deep-dive guides.
Latest guides
-
Cybersecurity Operations Playbook — Zeph Tech
Use Zeph Tech research to align NIST CSF 2.0, CISA KEV deadlines, and sector mandates across threat intelligence, exposure management, and incident response teams.