Skip to main content
Jamf Nation, hosted by Jamf, is the largest Apple IT management community in the world. Dialog with your fellow IT professionals, gain insight about Apple device deployments, share best practices and bounce ideas off each other. Join the conversation.

Security Update 2018-001 High Sierra or Security Update 2018-002 High Sierra

Anybody else experiencing issues with these updates? https://support.apple.com/en-us/HT209193 talks about Security Update 2018-001 High Sierra that dropped yesterday, but this morning Security Update 2018-002 High Sierra is showing as available when I run softwareupdate --list. More troubling, I had two users report that they turned on their Macs this morning they got a "The macOS installation couldn't be completed" message with an Installation Log window in the background. Unfortunately I did not get a chance to troubleshoot the machines, but I'm guessing Security Update 2018-001 High Sierra was responsible.

Like Comment
Order by:
SOLVED Posted: by andrew.nicholas

I have seen the same, but in both cases users are able to boot back into the OS. I applied it to about four other machines without issue however, and from what I could see the log files basically state that the MacOS HD that was booted into was empty.

correction:

The main OS Installer distribution (/Volumes/Macintosh HD/Library/Updates/AtomicUpdates/041-18191/041-18191.English.dist) did not load with error: The file doesn’t exist.
Like
SOLVED Posted: by sdagley

@andrew.nicholas Thanks for the confirmation. Was it necessary to re-select the Startup Disk to boot into the OS, or something else? And it's really annoying that Apple still hasn't updated the "About the security content..." document for this yet. What a lovely Trick for Halloween.

Like
SOLVED Posted: by alex43

I had the same issue with 2018-002 10.13.6 i was able to boot normally selecting the "Startup Disk"
My only concern is if during the "update process" corrupted some sys files or it just rollback the update.
Now everything looks normal.

Like
SOLVED Posted: by AVmcclint

I'm seeing weirdness here too. Some machines that I know for a fact installed High Sierra 2018-001 update do not see the 002 update no matter what I do. so now I've got multiple build numbers to keep track of. 17G65 for 002 and 17G3025 for 001 (I think - I have completely lost track now)

Like
SOLVED Posted: by CAJensen01

We've seen it widespread as well, but I'm still waiting for techs to handoff some logs.

Like
SOLVED Posted: by AVmcclint

Whoa.... I'm starting to see evidence that the 2018-002 update is installing automatically even when automatic updates are disabled. Even on my Mac Mini at home (unmanaged) I ran softwareupdate -d -a to ONLY download the updates, but it installed it anyway!

Like
SOLVED Posted: by andrew.nicholas

@sdagley It hasn't been in all cases but some have required it.

Like
SOLVED Posted: by sdagley

@AVmcclint 17G65 was the build number for the original High Sierra 10.13.6 release. I just installed Security Update 2018-002 (High Sierra) and ended up with build 17G3025 so if 2018-001 reported the same Apple didn't bother to roll the version number between the two. Even more annoying, the Security Update 2018-002 (High Sierra) download from support.apple.com is a .pkg named SecUpd2018-002Sierra.pkg

Like
SOLVED Posted: by sdagley

@andrew.nicholas Thanks. The field techs that have run into the problem here are reporting that re-setting the Startup Disk seems to be a reliable "fix".

Like
SOLVED Posted: by CAJensen01

FWIW we've opened an enterprise case with Apple: 20000034091928.

Seeing the same error Andrew is reporting.

Nov  2 13:08:57 Computer OSInstaller[546]: The main OS Installer distribution (/Volumes/Macintosh HD/Library/Updates/AtomicUpdates/041-18191/041-18191.English.dist) did not load with error: The file doesn’t exist.
Nov  2 13:08:57 ComputerLanguage Chooser[528]: Child process exited 11
Nov  2 13:08:57 Computer storagekitd[547]: Removing client connection <SKDaemonConnection: 0x7f99a9c026d0>
Nov  2 13:08:57 Computer storagekitd[547]: No more connections, storagekitd will exit...
Nov  2 13:08:57 Computer Unknown[552]: Launching the Installer Crash Log Viewer
Like
SOLVED Posted: by luke.mccubbins

Also having this issue. I'd like to just add this update to the softwareupdate --ignore list but I'm having trouble nailing down the label for this update. Anyone have any ideas?

Like
SOLVED Posted: by gforsyth

I've tested this across the board in our environment and on clean OS installs with mixed outcomes. Some machines install and are stuck in a boot look. Some machines install fine and others fail to install all together. I opened a case with Apple and they are aware of the issue. Hope this is patched soon because we have Firmware PW and Remote Users are out of luck with no boots on the ground. :(

Like
SOLVED Posted: by sdagley

@luke.mccubbins This is what worked for me: sudo softwareupdate --ignore "Security Update 2018-002"

Like
SOLVED Posted: by FrakeTrain

Seeing this issue on multiple sites. My gear: 2017 MPB 14,3. macOS 10.13.6. My experience yesterday: Used App Store updates to update to Safari 12.0.1 and Security Update 2018-002. Downloaded 1.88Gb. Then multiple update bars with multiple on/off screens. Then as described above "The macOS installation couldn't be completed" message with an Installation Log window in the background. The window had a retry button, tried twice to no avail (brought me back to the same error) then was able to save the Update log. Then tried Startup Disk button which brought me to my start up disk and was able to reboot (whew). Noticed that Safari had updated but App Store update was still showing the Security Update 2018-002. So tried to download again and after multiple progress bar back and forth movements among many black screens... finally booted to 10.13.6 (17G3025). This is the first time in 20 years I have had this kind of almost brick issue with updates. Nothing from Apple support, but did send them the Update crash log. I had a prolonged update issue once with High Sierra but no update crash. BUT what I am finding out is that both of these issues have occurred when Apple decides to package a firmware update with the software update. I don't know what my Boot ROM Version was before but now it is: 185.0.0.0.0. And you can see they have completely changed the numerology of the version number. I did a Terminal EFI verification and came up with EFI Version: MBP143.88Z.F000.B00.1809280842. I think this used to match the Boot ROM Version. Also, as others have noted the Apple Security Updates pages still have Security Update 2018-001 listed on their site, not 002??? Also I found the Security Update 2018-002 (there is no 001) download page and noticed the size was 421.1 Gb. WHY is the download from the App Sore more than 4 times as large?? Any ideas on this?

Like
SOLVED Posted: by dnadelhoffer

This is happening in my environment, too. I’ve also noticed that the installer log actually shows up after the machine is restarted post update. Basically, the security update installs and the machine seems to be working. If the machine is restarted, it boots to the installer log. I also put a ticket in with Apple.

Like
SOLVED Posted: by bainter

If you download the misnamed SecUpd2018-002Sierra.pkg (for 10.13.6 High Sierra) from Apple's download site:

Apple Support Downloads

If you use it instead of allowing the Appstore to install it, you may encounter far fewer problems. I've had to manually restart a few Macs even though Casper Remote took care of the initial restart, but so far have not run into the numerous boot problems or failure to update. This update process has become very tenuous.

Like
SOLVED Posted: by rhill

Seeing the same issue. Confirmed same log entries in installer log which would seem to indicate that the UPDATE package itself, or a related file is missing when the update is attempted. File missing - update fails - crash log viewer initiates.

Nov 11 22:11:13 MacBook-Pro OSInstaller[546]: The main OS Installer distribution (/Volumes/Macintosh HD/Library/Updates/AtomicUpdates/041-18191/041-18191.English.dist) did not load with error: The file doesn’t exist.
Nov 11 22:11:13 MacBook-Pro Language Chooser[527]: Child process exited 11
Nov 11 22:11:13 MacBook-Pro storagekitd[547]: Removing client connection <SKDaemonConnection: 0x7f9674d01940>
Nov 11 22:11:13 MacBook-Pro storagekitd[547]: No more connections, storagekitd will exit...
Nov 11 22:11:13 MacBook-Pro Unknown[551]: Launching the Installer Crash Log Viewer

As to solutions, for one user they were able to just restart, and OS started fine, for others the sequence would repeat. For the latter - selected startup disk and this solved the issue. Have put in place an software ignore as per @sdagley suggestion above AND also modified the RESTRICTIONS profile that is pushed to all users to now DEFER UPDATES FOR 90 days. Usually can rely upon Apple Security updates and rollout shortly after release with minimal risk to the fleet. Not so much anymore. Poor form Apple! Hope they fix soon.

Like
SOLVED Posted: by carlo.anselmi

@rhill
I noticed on my internal SUS there are newer pkgs released 06/11 (both high sierra and sierra sec. updates)
Perhaps they changed something and also wondering if the pkgs available to download on Apple website had changed too

Like
SOLVED Posted: by stevewood

We have had reports of machines failing with the log file showing, as reported above, and we've also had reports of FileVault enabled Macs not completing the restart process and requiring the selection of Startup Disk. On the FV Macs, I noticed the following in the policy log that called softwareupdate:

Downloaded Safari Downloaded Security Update 2018-002 Installing Safari, Security Update 2018-002 Done with Safari Done. To install these updates, your computer must shut down. Your computer will automatically start up to finish installation. Installation will not complete successfully if you choose to restart your computer instead of shutting down. Please call halt(8) or select Shut Down from the Apple menu. To automate the shutdown process with softwareupdate(8), use --restart. A reboot was required with one or more of the installed updates. Software update finished. Reboot is required. Blessing i386 macOS System on /... Creating Reboot Script...

If you look, the log is saying

Installation will not complete successfully if you choose to restart your computer instead of shutting down.

I have never seen a Mac update require a shutdown. I'm wondering if shutting down instead of restarting will "fix" this issue. I have one of our local IT guys that will attempt a shutdown the next time he has a user come up with a "bricked" Mac.

Anyone else seeing this?

Like
SOLVED Posted: by AVmcclint

I have discovered if I download the confusingly-named SecUpd2018-002Sierra.dmg, mount it and copy the .pkg to the desktop of any Mac that needs the update and run it from there it is guaranteed to fail every time. It runs, it reboots, says Installing Update.... then goes to a black screen with a spinning gear. That's it. it NEVER completes the update process. If I put the pkg into Self Service, it basically does the same thing. If I copy the .dmg to a applicable Mac and run the .pkg directly from the mounted .dmg, then it works - EVERY TIME. WTF, Apple? This has been out for how long and they still haven't addressed the numerous problems?

I'm STILL observing that maybe 20% of applicable Macs can actually see the update in the Mac App Store or via softwareupdate command. I've seen some Macs will show it in MAS, but if I quit and relaunch, it disappears.

Like
SOLVED Posted: by shawnis43

@stevewood I've seen that message in the logs a handful of times. As far as I can tell its only happening with the 2018 T2 chip MacBook Pro's in our environment. I haven't been able to test shutting down instead of restart though. All the ones I've seen have been past that stage and re-running the update installs it. I've also seen the requirement of selecting the startup disk and also the Mac needs to be connected to the internet to complete the install

Like
SOLVED Posted: by hkabik

I've had two machines attempt install of these automatically and get stuck in a boot loop. And we have Auto-update disabled here. Glad it;s only 2 so far, but that is VERY worrying.

Like
SOLVED Posted: by hkabik

Make that 6 machines. This update is a nightmare. We block auto-updates to protect against this kind of thing and Apple still finds a way to ruin my day.

Like
SOLVED Posted: by simon.brown

+1 have come across the issue in our company and have pulled the update (for the time being) from our software update server until Apple fix this.

Like
SOLVED Posted: by hkabik

Setting the startup disk only worked for 1 of the 6 machines. the others were all rebuilds. I hope there aren't more of these in my environment we haven't found yet.

Like
SOLVED Posted: by stevewood

Can anyone confirm which models they are seeing this on? Is it only T2 enabled Macs? So iMac Pro and the 2018 models of devices? We're trying to lock this down so we can open an enterprise AC case.

Like
SOLVED Posted: by jwojda

@stevewood I just had it on a 2015 iMac 27" 5k

Like
SOLVED Posted: by hkabik

@stevewood This is not limited to T2 Macs only, we've had it on 2 older machines as well.

Like
SOLVED Posted: by stevewood

@jwojda @hkabik

Thanks guys! We release to our test group this week, so I'm waiting for that before opening the AC case. I want to be able to provide some decent evidence. So far I have not been able to replicate, but that has been in VMs and not on physical hardware (except for the cases reported by one of our agencies).

Like
SOLVED Posted: by BoscoATX

I downloaded Security Update 2018-002 from our Reposado server today. Attached screenshot is all that's installed. I parsed through the installer packages using Suspicious Package and theres A LOT of items installed in the SecUpd2018-002Sierra.pkg.

Like
SOLVED Posted: by AVmcclint

I need to add that installing the update from the mounted .dmg isn't as successful as I believed. On the first 6 Macs I ran it on, it did work every time. Now it doesn't work at all on any Mac - I've even redownloaded it just in case something happened to my original dmg. It "installs" for a few seconds, reboots (bypassing FileVault), I login, and I'm back at the desktop still not updated. I've scoured the logs and can find no indication of any kind of failures or errors. The only solution I keep hearing from people who contacted Apple is to reinstall the OS from the Recovery partition. This is happening on brand new Macs fresh out of the box so I seriously doubt a reinstallation is going to fix anything. Besides, who has time to reinstall the OS on 100+ Macs?

Like
SOLVED Posted: by hkabik

Did any body else make a bug report on this? Or take it to Enterprise support as an issue?

Like
SOLVED Posted: by tdilossi

This didn't start for us until Tuesday the 27th. I'd just like to add that we are running 10.12.6 on all of our devices and this has been a complete nightmare for us as well! I thought at first it was something I had missed in my settings, but soon found that Apple appears to be screwing with us! I have at least 6 bricked systems at this point, and pointing them to the startup disk has only worked on 1 of them. A few are on a constant reboot cycle. I've tried the recovery drive on a few as well, but found that it is failing at about 90% complete. I'm contacting Apple developers to let them know what a shit show this is, hopefully others will do the same.

Like
SOLVED Posted: by stevewood

@hkabik yes, we just opened ACE 100689231892.

Like
SOLVED Posted: by hkabik

Thanks to everyone else that is making noise about this with Apple.

Like
SOLVED Posted: by jwojda

@hkabik our ACE is 100666331583.

Like
SOLVED Posted: by gshackney

I've seen similar issues with drives not using APFS and or raided/Fusion Drives trying to apply certain updates. Anyone have any corroborating evidence to support this? Also I've seen firmware updates fail when 3rd party programs are installed that modify core systems IE a fan controller for iMacs or anything that requires the SIP to be disabled for install.

Gabe Shackney
Princeton Public Schools

Like
SOLVED Posted: by AVmcclint

Apple released Security Update 2018-003 for High Sierra yesterday. I successfully installed it on a Mac this morning, but it was a Mac that took 002 without problem anyway. As my users come in, I'll try to apply 003 to a Mac that I know still refuses to install 002 and see what happens.

Like
SOLVED Posted: by AVmcclint

No luck. I've tried softwareupdate -i -a and the Mac App Store app, and IF the update shows up and downloads, it never actually installs. Either it hangs forever at shutting down or it reboots as if nothing ever happened. Same problems as before. Reinstalling the OS on 100+ macs is not an option. It's just so frustrating that it installs perfectly fine on some Macs that are configured identically to all the others that are failing.

Like
SOLVED Posted: by chris.kemp

We're starting to get reports of this too. Watching... We'll probably open an ACE as well, referencing the ones listed here.

Like
SOLVED Posted: by bpavlov

Same issues with Security Update 2018-003 as 2018-002 had. I don't understand why computers can't even upgrade when going through the App Store. I'm not even automating anything.

On some computers, reinstalling the update fixes things. But on others I have even if I install the update it ends up in a situation where I always end up at the boot picker screen to select Macintosh HD when there is no other bootable volume and then the keyboard stops working correctly (it seems to screw up the keys with some being pressed but not entering the key pressed in the password field) so I have to restart it again and then it boots "normally".

I just can't understand how updates just worked for so long and now suddenly Apple has decided to change things up and now it doesn't work even when you don't try to automate things.

Like
SOLVED Posted: by AVmcclint

After more failures, I tried something a little different. I've had some very limited success on machines that previously failed by using softwareupdate -i -a --restart instead of just softwareupdate -i -a and manually restarting. What's weird is that installing the update from the MAS and clicking "Restart Now" when prompted still fails every time. None of that explains why some computers absolutely under no circumstances even show the Security Update as being available. Resetting softwareupdate doesn't reveal the update that I know it needs.

Like
SOLVED Posted: by jwojda

@AVmcclint Thank you for your updates on this, I had our monthly meeting yesterday with our ACE manager, I mentioned your results to him on the call (when we came to our afore mentioned case number's status), though full disclosure I haven't had an opportunity to try on my end, but I did at least put your results on his radar for it may not be fully resolved yet.

Like
SOLVED Posted: by AVmcclint

Good! I'm glad people can make use of the details I share. So far adding --restart to the softwareupdate command has worked on 4 Macs.

Like
SOLVED Posted: by AVmcclint

Oh, if you're curious about the build number for SecurityUpdate 2018-003 for High Sierra, it's 17G4015

Like
SOLVED Posted: by hkabik

Still having issues with 003, but it seems to fail more gracefully for me than 002 did. 002's failure sent my mahcines into reboot loops, this just seems to not do anything after restart. The machine behaves as normal, the update just never installs.

Like