At DARE we work with a number of organisations who adhere to Cyber Essentials or ISO 27001 certifications. As part of ongoing maintenance for these accreditations you are advised to make sure all security patches are applied to your devices in a timely manner – within 14 days of release is the standard.
Due to an ongoing issue with the Apple software update service within macOS we are finding a large number of clients are not managing to maintain full compliance. When the device runs the software updated binary to check for software updates it can hang in the background. Although this won’t be visible to a user you may notice that the device will no longer submit inventory to Jamf or DARE Update.
Is there a workaround for this?
Yes, there are a few workarounds that can be put into place.
- Apple have documented in their macOS Monterey 12.3 release notes that this problem is now resolved. It is advisable to update all your macOS devices to 12.3 to resolve this issue.
- If you are using Jamf Pro to manage your devices, and you are unable to upgrade to macOS Monterey 12.3, we recommend you disable software update checks at inventory. If the issue occurs while running within the Jamf binary it will hang and all future check-ins will also fail to run. This option is located within the Jamf Pro Settings > Computer Management – Management Framework > Inventory Collection.
- If all else fails, you can run a command on the device that will kickstart the software update service. Although this won’t be a permanent fix, it will at least restart the hung service to allow communication with other solutions like Jamf to resume. Please note this is an elevated command that will require an administration access to perform.
If you have a DARE support agreement in place and have noticed some devices are not communicating correctly, please email the team at [email protected] to have this investigated further