Updates to the Apple operating system that are installed without users' knowledge are exceptions instead of rules. At least in recent years they can be counted on the fingers of one hand. Nevertheless, in Cupertino it was decided that there would be no major trouble on the rise of the number of such updates, especially if it concerns the safety of users, who for the most part simply can ignore the installation of the patch and put themselves at risk. (a) Secret surveillance.
On the night of July 16-17, Apple released a second security patch for 7 days for MacOS, which does not require user permission to install and is usually in automatic mode without its participation. The update is aimed at removing components of RingPentral and Zoom applications that have the same vulnerability as the Zoom Video Conferencing Service.
Apple developers have found that these components establish a connection with the server and allow you to re-install the app when you click on the link of the video conference, causing the user to fall prey to monitoring through the webcam. As a result, attackers can gain access to sensitive information, which may be undesirable.
Apple says it often issues small patches aimed at improving the security of operating systems. All of them are automatically installed and do not require permission from the user. This happens in situations where an immediate and guaranteed solution to security problems that the company's developers constantly disclose is essential. In such cases, any delay in updating or ignoring updates by the user is at risk of doing much more damage than the automatic deployment of the new OS build.