Not a lot new, but ...
Check out Marc Goodman's Future Crimes website and grab the Protect Yourself: The UPDATE Protocol under Tips to pass on them that need it.

There is a trade off on the "T" recommendation of the "UPDATE" acronym protocol.

If you Turn off your wifi or computer you could miss the Apple security updates that are (under some circumstances) automatically pushed to your computer. Apple did this to nullify a vulnerability in macOs during one of the latest ransomware attacks that could target Macs.

True. But then there are many of us who don't permit "automatic" updating of anything as a matter of course, in addition to which some of us log in and off the Internet given our "archaic" access.

I don't think you can opt out of the automatic updates Ira is talking about, but the question remains how long after you start up it takes Apple to recognize that you're "on the air" and push the update through if you were shut down when they first tried.

If it's "immediately", you lose virtually nothing by shutting down.

I do not permit automatic updating, from Apple or any source. All updating has to be instigated by me on a case by case basis.
(See Software Update under System Preferences.)

(Software Update prefs are found under System Prefs > App Store in Sierra, but I think they're still the same as in earlier OS versions.)

I'm fully aware of that pref, and I've got "Download..." checked, so my updates wind up in /Library/Updates until I deal with them, but there was at least one instance (within the past 18 months or so) in which Apple circumvented my pref and pushed through a critical security update of which I wasn't aware until I read about it after the fact.

I doubt that your pref setting prevented it any more than mine did, but perhaps someone knows better.

Nope. In Lion it's as I stated. And the last Apple security update I received (after I initiated it) was in 2014.
I've never dealt with the App Store and don't even know how to get there (if I wanted to, which I don't).

I think you're relying too much on your pref.

The security update to which I'm referring was, just as Ira suggested, pushed through silently, update prefs notwithstanding; it did not come through the normal update channels, although it may have left a record of its installation behind. (As I recall, it dealt with a specific piece of malware.)

Ira? Anybody?

And, of course, there's the very real possibility that the update wasn't implemented all the way back to Lion, which, also of course, doesn't negate the possibility that a future situation might cause Apple to patch long since unsupported OS versions in a similar manner.

OK...found it: Apple pushes its first ever silent, automatic security update to Mac OS X...

and more recently: Apple pushes silent security update

Apparently the 'silent patch' dealt with Gatekeeper specs and thus applied to OS X well beyond the Lion version.

If such a 'silent' fix was indeed attempted, it would have to have been while I was online and it would have to have been downloadable at 1-4 MB/s and then installed. Unless the patch was tiny, in order to fit such constraints, it wasn't done.

Other than the downloads I've initiated/permitted, there is no sign of any such patch on my system.

Gatekeeper definition updates being silent and automatic would not surprise me in the least.

Even with these tips, and all the subsequent information/guidance in this thread, I still worry about the one flaw that can't be fixed by software: the people who work at the organizations which require our personal information. What's to stop the disgruntled employee who decides to make some fast money from a quick download?

Gatekeeper is a security feature first implemented in Mac OS X 10.8 (Mountain Lion).
So most of this discussion is beside the point with respect to Mac OS X 10.7 (Lion) and earlier versions.

The point of this discussion hasn't been whether or not you were on the receiving end of any silent updates, rather it has been that your faith that your pref has prevented such is misplaced, and that the possibility exists that you may be on the receiving end in the (admittedly unlikely) future.

You have raised a valid point, though, about your on-line habits and how they'd affect such a potentiality.

Apple's first silent update was in 2014 and there have been some for 10.6.x that involve Apple's antivirus XProtect. What's not clear to me is if these silent updates are the same as Security Updates, which can be turned off (see the link).

I also could not determine when the silent ones take place. Usually Apple requires an Internet connection and a period of computer inactivity (how much??).

I've got some info...

The "NTP bug" silent security update referred to in Apple pushes its first ever silent, automatic security update to Mac OS X... is listed in Apple security updates (2014), while the similar "Gatekeeper" update referred to in Apple pushes silent security update is not specifically listed in Apple security updates, nor is it obviously included in About the security content of macOS Sierra 10.12.4, Security Update 2017-001..., which was released 4 days after the update referred to in the article.

The first linked article includes


That very strongly suggests to me that the updates in question cannot be "turned off"...that they're considered so necessary that Apple has built a backdoor into OS X/macOS to ensure that they can't be ignored.

Any additional info and/or insights will be appreciated.

No particular insight, but given Apple's extreme aversion to backdoors as security risks, even acknowledging its existence is surprising. However, given recent security issues apparently exacerbated by institutional Windows system managers failing to apply security patches, I can understand why Apple would want to have that ace up their sleeve.

That's what I always thought—extremely necessary and can't be ignored; but I have not found anything to support this belief.

Here's a gem of an article with access points to determine
How to See What the Internet Knows About You (And How to Stop It).

It turns out that there's even more spying to worry about than that which happens on the internet. The robot vacuum cleaner, bought by the folks who must have the latest toy, is actually mapping data to be sold.