Catalina App Store Link

  

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

Security Update 2021-003 Catalina

MacOS Catalina replaces iTunes with three all-new apps that greatly simplify and improve the way Mac users discover and enjoy their favorite music, TV shows, movies and podcasts. The new Music app for Mac is lightning fast, fun and easy to use. Apple Music will help users discover great new music with over 50 million songs, playlists and music. With macOS Catalina, the apps you love are now more beautiful and intelligent than ever. App Store with Apple Arcade. An unsubscribe link for email messages from commercial lists now.

  1. Alternatively, you can click the link below and it should launch the Catalina product page within the App Store: Get MacOS Catalina. Step 4: Download MacOS Catalina.
  2. Attempting to download macOS Catalina from the Mac App Store you may find that a small version of the “Install macOS Catalina.app” file downloads to the “Applications” folder, rather than the complete 8.1 GB installer file.
  3. Until now, Gatekeeper didn't take the same approach with apps launched via Terminal. It also didn't check non-quarantined apps and files for malware. In other words, it checked an app only once for malware. Significant changes have arrived with macOS Catalina. Now, apps started through Terminal are also checked.

Released May 24, 2021

AMD

Available for: macOS Catalina

Impact: A local user may be able to cause unexpected system termination or read kernel memory

Description: A logic issue was addressed with improved state management.

CVE-2021-30676: shrek_wzw

AMD

Available for: macOS Catalina

Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution

Description: A logic issue was addressed with improved state management.

CVE-2021-30678: Yu Wang of Didi Research America

App Store

Available for: macOS Catalina

Impact: A path handling issue was addressed with improved validation

Description: A malicious application may be able to break out of its sandbox.

CVE-2021-30688: Thijs Alkemade of Computest Research Division

Link

Entry added July 21, 2021

AppleScript

Available for: macOS Catalina

Impact: A malicious application may bypass Gatekeeper checks

Description: A logic issue was addressed with improved state management.

CVE-2021-30669: Yair Hoffman

Audio

Available for: macOS Catalina

Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information

Description: This issue was addressed with improved checks.

CVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro

CoreAudio

Available for: macOS Catalina

Impact: An out-of-bounds read was addressed with improved bounds checking

Description: Processing a maliciously crafted audio file may disclose restricted memory.

CVE-2021-30686: Mickey Jin of Trend Micro working with Trend Micro Zero Day Initiative

Entry added July 21, 2021

Core Services

Available for: macOS Catalina

Impact: A malicious application may be able to gain root privileges

Description: A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks.

CVE-2021-30681: Zhongcheng Li (CK01)

CVMS

Available for: macOS Catalina

Impact: A local attacker may be able to elevate their privileges

Description: This issue was addressed with improved checks.

CVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro

Dock

Available for: macOS Catalina

Impact: A malicious application may be able to access a user's call history

Description: An access issue was addressed with improved access restrictions.

CVE-2021-30673: Josh Parnham (@joshparnham)

Graphics Drivers

Available for: macOS Catalina

Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution

Description: A logic issue was addressed with improved state management.

CVE-2021-30684: Liu Long of Ant Security Light-Year Lab

Graphics Drivers

Available for: macOS Catalina

Impact: An out-of-bounds write issue was addressed with improved bounds checking

Description: A malicious application may be able to execute arbitrary code with kernel privileges.

CVE-2021-30735: Jack Dates of RET2 Systems, Inc. (@ret2systems) working with Trend Micro Zero Day Initiative

Entry added July 21, 2021

Heimdal

Available for: macOS Catalina

Impact: A malicious application may cause a denial of service or potentially disclose memory contents

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30710: Gabe Kirkpatrick (@gabe_k)

Heimdal

Available for: macOS Catalina

Impact: A remote attacker may be able to cause a denial of service

Description: A race condition was addressed with improved locking.

CVE-2021-1884: Gabe Kirkpatrick (@gabe_k)

Heimdal

Available for: macOS Catalina

Impact: Processing maliciously crafted server messages may lead to heap corruption

Description: This issue was addressed with improved checks.

CVE-2021-1883: Gabe Kirkpatrick (@gabe_k)

Heimdal

Available for: macOS Catalina

Impact: A local user may be able to leak sensitive user information

Description: A logic issue was addressed with improved state management.

CVE-2021-30697: Gabe Kirkpatrick (@gabe_k)

Heimdal

Available for: macOS Catalina

Impact: A malicious application could execute arbitrary code leading to compromise of user information

Description: A use after free issue was addressed with improved memory management.

CVE-2021-30683: Gabe Kirkpatrick (@gabe_k)

ImageIO

Available for: macOS Catalina

Impact: Processing a maliciously crafted image may lead to disclosure of user information

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360

ImageIO

Available for: macOS Catalina

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: This issue was addressed with improved checks.

CVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of Baidu Security

ImageIO

Available for: macOS Catalina

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: An out-of-bounds write was addressed with improved input validation.

CVE-2021-30743: CFF of Topsec Alpha Team, an anonymous researcher, and Jeonghoon Shin(@singi21a) of THEORI working with Trend Micro Zero Day Initiative

ImageIO

Available for: macOS Catalina

Impact: Processing a maliciously crafted ASTC file may disclose memory contents

Description: This issue was addressed with improved checks.

CVE-2021-30705: Ye Zhang of Baidu Security

Intel Graphics Driver

Mac

Available for: macOS Catalina

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2021-30728: Liu Long of Ant Security Light-Year Lab

Intel Graphics Driver

Available for: macOS Catalina

Impact: An out-of-bounds read issue was addressed by removing the vulnerable code

Description: A local user may be able to cause unexpected system termination or read kernel memory.

CVE-2021-30719: an anonymous researcher working with Trend Micro Zero Day Initiative

Entry added July 21, 2021

Intel Graphics Driver

Available for: macOS Catalina

Impact: An out-of-bounds write issue was addressed with improved bounds checking

Description: A malicious application may be able to execute arbitrary code with kernel privileges.

CVE-2021-30726: Yinyi Wu(@3ndy1) of Qihoo 360 Vulcan Team

Entry added July 21, 2021

Kernel

Available for: macOS Catalina

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A logic issue was addressed with improved state management.

CVE-2021-30704: an anonymous researcher

Kernel

Available for: macOS Catalina

Impact: Processing a maliciously crafted message may lead to a denial of service

Description: A logic issue was addressed with improved state management.

CVE-2021-30715: The UK's National Cyber Security Centre (NCSC)

Kernel

Available for: macOS Catalina

Impact: A memory corruption issue was addressed with improved validation

Description: A local attacker may be able to elevate their privileges.

CVE-2021-30739: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab

Entry added July 21, 2021

Login Window

Available for: macOS Catalina

Impact: A person with physical access to a Mac may be able to bypass Login Window

Description: A logic issue was addressed with improved state management.

CVE-2021-30702: Jewel Lambert of Original Spin, LLC.

Mail

Available for: macOS Catalina

Impact: A logic issue was addressed with improved state management

Description: An attacker in a privileged network position may be able to misrepresent application state.

CVE-2021-30696: Fabian Ising and Damian Poddebniak of Münster University of Applied Sciences

Entry added July 21, 2021

Model I/O

Available for: macOS Catalina

Install catalina from app store

Install Catalina From App Store

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30723: Mickey Jin (@patch1t) of Trend Micro

CVE-2021-30691: Mickey Jin (@patch1t) of Trend Micro

CVE-2021-30694: Mickey Jin (@patch1t) of Trend Micro

CVE-2021-30692: Mickey Jin (@patch1t) of Trend Micro

Model I/O

Available for: macOS Catalina

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30746: Mickey Jin (@patch1t) of Trend Micro

Model I/O

Available for: macOS Catalina

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A validation issue was addressed with improved logic.

CVE-2021-30693: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro

Model I/O

Available for: macOS Catalina

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30695: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro

Model I/O

Available for: macOS Catalina

Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30708: Mickey Jin (@patch1t) & Junzhi Lu (@pwn0rz) of Trend Micro

Model I/O

Available for: macOS Catalina

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: This issue was addressed with improved checks.

CVE-2021-30709: Mickey Jin (@patch1t) of Trend Micro

Model I/O

Available for: macOS Catalina

Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30725: Mickey Jin (@patch1t) of Trend Micro

NSOpenPanel

Available for: macOS Catalina

Impact: An application may be able to gain elevated privileges

Description: This issue was addressed by removing the vulnerable code.

CVE-2021-30679: Gabe Kirkpatrick (@gabe_k)

OpenLDAP

Available for: macOS Catalina

Impact: A remote attacker may be able to cause a denial of service

Description: This issue was addressed with improved checks.

CVE-2020-36226

CVE-2020-36229

CVE-2020-36225

CVE-2020-36224

CVE-2020-36223

CVE-2020-36227

CVE-2020-36228

CVE-2020-36221

CVE-2020-36222

CVE-2020-36230

Security

Available for: macOS Catalina

Impact: A memory corruption issue in the ASN.1 decoder was addressed by removing the vulnerable code

Description: Processing a maliciously crafted certificate may lead to arbitrary code execution.

CVE-2021-30737: xerub

Entry added July 21, 2021

smbx

Macos

Available for: macOS Catalina

Impact: An attacker in a privileged network position may be able to perform denial of service

Description: A logic issue was addressed with improved state management.

CVE-2021-30716: Aleksandar Nikolic of Cisco Talos

smbx

Available for: macOS Catalina

Impact: An attacker in a privileged network position may be able to execute arbitrary code

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30717: Aleksandar Nikolic of Cisco Talos

smbx

Available for: macOS Catalina

Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution

Description: A logic issue was addressed with improved state management.

CVE-2021-30712: Aleksandar Nikolic of Cisco Talos

smbx

Available for: macOS Catalina

Impact: An attacker in a privileged network position may be able to leak sensitive user information

Description: A path handling issue was addressed with improved validation.

CVE-2021-30721: Aleksandar Nikolic of Cisco Talos

smbx

Available for: macOS Catalina

Impact: An attacker in a privileged network position may be able to leak sensitive user information

Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30722: Aleksandar Nikolic of Cisco Talos

TCC

Available for: macOS Catalina

Impact: A malicious application may be able to send unauthorized Apple events to Finder

Description: A validation issue was addressed with improved logic.

CVE-2021-30671: Ryan Bell (@iRyanBell)

Additional recognition

App Store

We would like to acknowledge Thijs Alkemade of Computest Research Division for their assistance.

CFString

Install Macos Catalina App Store Link

We would like to acknowledge an anonymous researcher for their assistance.

CoreCapture

We would like to acknowledge Zuozhi Fan (@pattern_F_) of Ant-financial TianQiong Security Lab for their assistance.

Catalina

macOS Catalina gives you more of everything you love about Mac. Experience music, TV, and podcasts in three all-new Mac apps. Enjoy your favorite iPad apps now on your Mac. Extend your workspace and expand your creativity with iPad and Apple Pencil. And discover smart new features in the apps you use every day. Now you can take everything you do above and beyond.

Music, TV, and podcasts take center stage.

iTunes forever changed the way people experienced music, movies, and podcasts. It all changes again with three all-new, dedicated apps — Apple Music, Apple TV, and Apple Podcasts — each designed from the ground up to be the best way to enjoy entertainment on your Mac. And rest assured; everything you had in your iTunes library is still accessible in each app. iCloud seamlessly syncs everything across your devices — or you can back up, restore, and sync by connecting the device directly to your Mac.

Presenting Apple Music on Mac.

The new Apple Music app is the ultimate music streaming experience on Mac.1 Explore a library of 60 million songs, discover new artists and tracks, find the perfect playlist, download and listen offline, or enjoy all the music you’ve collected over the years. And find it all in your music library on all your devices.

Apple TV. Premiering on Mac.

The Apple TV app for Mac is the new home for all your favorite movies and Apple TV+.2 Watch everything directly in the app or enjoy it offline, and discover the best of what’s on in the Watch Now tab. You can even pick up where you left off on any screen, across all your devices. And for the first time, 4K3 and Dolby Atmos4–supported movies are available on Mac.

Listen up. Podcasts on Mac.

The best entertainment, comedy, news, and sports shows are now available on your Mac with Apple Podcasts. Search for podcasts by title, topic, guest, host, content, and more. Subscribe and be notified as soon as new episodes become available. And in the Listen Now tab, you can easily pick up where you left off across all your devices.

The apps you love.
Right on your Mac.

Experience your favorite iPad apps now on your Mac. With Mac Catalyst, developers can easily create Mac apps from the iPad apps you already know and love. They run natively alongside your existing Mac apps so you can drag and drop content between them. They take full advantage of the larger screen and powerful architecture of your Mac. And because they are built from their iOS versions, they provide a seamless experience across your devices. Enjoy a broad range of Mac apps — from travel, entertainment, and gaming to banking, education, and project management.

The Twitter for Mac app takes full advantage of the native Mac features like multiple windows, drag and drop, keyboard shortcuts, and more. See more of what’s happening on a larger screen and easily work alongside your other Mac apps.

Morpholio Board for Mac lets interior designers create their mood boards on a larger screen with much more detail. Users can scroll through a huge library of furnishings; use new editing, composition, curation, and organization tools; and work alongside web browsers, notes, and email.

With the Post-it® App on Mac, users can easily organize all their notes on the big screen. Grouping and sorting is much faster using a keyboard and mouse or trackpad. And importing boards from other users is even easier.

With Jira for Mac, manage projects like a boss. Take advantage of native Mac features and move through Jira faster than ever, push notifications, keyboard shortcuts, drag and drop, custom menu bar, and more.

The American Airlines app for Mac lets users check in and choose their seats, and even see three-dimensional renderings of their seats powered by SceneKit.

With TripIt on Mac, you can review all your plans in one place, edit and share your trip details, and research your destination, all while multitasking with other Mac apps. Your itinerary is even available offline, whether you’re at your desk or at 35,000 feet.

The Crew app for Mac is the first communications app designed for workers who don’t have easy access to communication technology on the job. Managers often use Mac computers in the back of house at stores, so users can access the experience they expect on the platform they prefer.

Download Macos Catalina App Store Link

This popular language-learning solution opens a whole new world on Mac. The desktop is wonderfully suited for focus and learning. Rosetta Stone is tightly integrated with the Mac microphone and includes an offline mode for a seamless app experience that’s just not possible on the web.

Proloquo2Go on Mac is designed for people with communication challenges who are unable to make themselves understood using their own voices. The app lets parents, teachers, and therapists customize the app vocabulary using the keyboard and provide new words without requiring access to their child’s device, which may be at school or at home.

Even more amazing Mac apps.Even more amazing Mac apps

Developers are continuing to build for Catalyst as many more of your favorite iPad apps will be coming to Mac.

  • app-1
  • app-2
  • app-3
  • app-4
  • app-5
  • app-6
  • app-7
  • app-8
  • app-9
  • app-10

The apps you use every day, made extraordinary.

With macOS Catalina, the apps you love are now more beautiful and intelligent than ever. So your everyday tasks are easier than ever.

Focus on your best shots.

Catalina App Store Link

Photos has a new immersive, dynamic look that showcases your photos and memories. See only the best shots in your library, without the duplicates and clutter. Browse your favorite photos by days, months, and years and get larger previews of all your photos. And Photos is even smarter, so it can highlight important moments like birthdays, anniversaries, and trips.

Easier to find. And easier to share.

A new gallery view and more powerful search help you find your notes quicker than ever. Shared folders let you collaborate on entire folders of notes with another person or a group. And new checklist options let you move completed items to the bottom, quickly reorder items using drag and drop, and more.

Organization.
Reorganized.

The Reminders app has been completely rebuilt, with an all-new design and new ways to easily create, organize, and keep track of reminders. Add attachments to reminders, create or change reminders with the quick edit buttons, and let Siri suggest new ones found in Messages. Smart lists automatically organize and display your upcoming reminders. And if you tag someone in a reminder, you’ll be notified the next time you’re chatting in Messages.

Start browsing.
Faster.

An updated start page helps you easily and quickly access your favorites and frequently visited sites. And Siri suggestions surface bookmarks, iCloud Tabs, and links from your reading list, as well as those you receive in Messages.

Play extraordinary.

Unlimited access to over 100 ad-free games for your Mac — all in a game subscription service unlike any other. Start playing on your Mac and jump to your iPhone, iPad, and Apple TV.

Try it free5

Extend your desktop. With iPad.

Sidecar lets you extend your workspace by using your iPad as a second Mac display.6 Work in one app while you reference another or view your artwork on your Mac while you use tools and palettes on your iPad. You can also mirror the screens so they both display the same content, making it perfect for sharing exactly what you see with others.

View the Sidecar white paper (PDF)

Express your creativity. With Apple Pencil.

Bring the ease and precision of Apple Pencil to your favorite creative Mac apps with Sidecar.7 Just drag your app window from your Mac to your iPad as you would with any second display. Then use Apple Pencil to design in Illustrator, edit photos in Affinity Photo, or create 3D models in ZBrush. The handy sidebar puts essential Command, Control, and Shift keys right at your fingertips.

Make your mark on Mac.

Use Apple Pencil for everyday tasks like drawing and sketching or marking up screenshots and PDFs. You can easily insert a sketch from your iPad into any document on your Mac.

Powerful apps. Made even more powerful.

Discover all the amazing apps that are compatible with Sidecar, including illustration, photography, and 3D apps.

Affinity Photo

Maya

Screen Time.
Now on Mac.

macOS Catalina brings all your favorite Screen Time features to Mac, giving you greater insight into how you’re spending your time. Monitor usage, schedule downtime, and set limits for both apps and websites across all your devices. And with Family Sharing, you can set app and communication limits for your kids to help them focus on the right things.

Communication Limits

Communication Limits let you choose who your children can communicate with throughout the day and during downtime, so you can make sure they’re always reachable.

Combined Limits

With Combined Limits, you can combine individual apps and websites, and even whole categories, into a single, easy-to-manage limit. Set a limit for a group of apps and websites, like gaming or your favorite streaming apps.

One More Minute

Need an extra minute to wrap up what you’re doing? You’ll get a notification when you’ve reached your time limit, so you can quickly wrap up a conversation, save a file, or close a game session before your time runs out.

Increased security.
Greater privacy.

With macOS Catalina, there are enhanced security features to better protect macOS against tampering, help ensure that the apps you use are safe, and give you greater control over access to your data. And it’s even easier to find your Mac if it’s lost or stolen.

More secure hardware.

The Apple T2 Security Chip keeps your Mac secure by ensuring that you’re running trusted software and automatically encrypting your stored data. It also provides secure authentication for Touch ID. And now macOS Catalina features Activation Lock, so only you can erase and reactivate your Mac.

Safer-running software.

macOS Catalina runs in its own read-only volume, so it’s separate from all other data on your Mac, and nothing can accidentally overwrite your system files. And Gatekeeper ensures that new apps you install have been checked for known security issues before you run them, so you’re always using good software.

Data protections.

Apps must now get your permission before directly accessing files in your Documents and Desktop folders, iCloud Drive, and external volumes, so you’re always in control of your data. And you’ll be prompted before any app can capture keyboard activity or a photo or video of your screen.

The new Find My app combines Find My iPhone and Find My Friends into a single, easy-to-use app on Mac, iPad, and iPhone. Find My can help you locate a missing Mac — even if it’s offline and sleeping — by sending out Bluetooth signals that can be detected by Apple devices in use nearby. They can then relay the detected location of your Mac to iCloud so you can locate it in the Find My app.

It’s all anonymous and encrypted end-to-end so no one, including Apple, knows the identity of any reporting device. And because the reporting happens silently using tiny bits of data that piggyback on existing network traffic, there’s no need to worry about your battery life, your data usage, or your privacy.

Powerful features to empower everyone.

macOS Catalina includes new features to help everyone get the most out of Mac. Tools for users with low vision allow you to zoom in on a paragraph of text or the entire screen.

Zoom Display

If you have two screens, you can keep one screen zoomed in close while the other remains at a standard resolution. It’s great for everyday work and giving a presentation.

Hover Text

Hover Text makes it easier to view text on your Mac display. Just hover over any text with your cursor and press Command. You’ll get a dedicated window with large, high-resolution text. You can even choose the fonts and colors.

macOS Catalina

The power of Mac.
Taken further.

Featuring all-new, dedicated apps for music, TV, and podcasts. Smart new features in the apps you use every day. And Sidecar, which lets you use iPad as a second Mac display.

See if your Mac can run macOS Catalina.

MacBook

2015 and later

Learn more

MacBook Air

2012 and later

Learn more

MacBook Pro

2012 and later

Learn more

Mac mini

Macos Catalina Direct App Store Link

2012 and later

Learn more

iMac

2012 and later

Learn more

iMac Pro

2017 and later

Catalina App Store Url

(all models)

Mac Pro

Mac Os Catalina App Store Link

2013 and later

Learn more

New tools to build new worlds.

If you can imagine it, you can create it. ARKit 3 gives you new tools to build incredible experiences on the world’s largest AR platform.

Develop for macOS Catalina.

The Apple SDK offers enormous possibilities for developers to create apps that will work across Mac, iPhone, and iPad.

Upgrade to start your free trial.