Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Patching macOS (M1/M2/M3/M4 Chip Processors) Using Saner CVEM

            Modified on Thu, 27 Nov at 12:00 PM

            Product Version: 6.5.x.x

            Overview

            To successfully remediate macOS devices powered by Apple Silicon processors (M1, M2, M3, or M4 chips), a local user account with specific permissions must be created on the device. Apple has recently introduced this prerequisite to enable seamless execution of operating system updates.

            Saner CVEM requires this local user account to authenticate and execute OS-level patching actions on Apple Silicon–based devices.

            Affected Devices

            This requirement applies to:

            • macOS devices with M1, M2, M3, or M4 chip processors

            • Any macOS endpoint where OS updates or security updates need to be deployed through Saner CVEM

            Solution

            Follow the steps below to successfully deploy macOS patches on Apple Silicon devices using Saner CVEM.


            1. Log in to Saner CVEM

            Access the Saner CVEM platform using valid credentials.


            2. Navigate to the Patching Module

            Go to:
            Patch Management (PM) → Missing Patches


            3. Select and Apply Patches

            • Identify the required macOS patch for the target device(s).

            • Select the patch and click Apply Selected Patches.



            4. Configure the Task

            • Enter a Task Name.

            • Set the Remediation Schedule as required.


            5. Upload the Pre-Script

            • Under Task Controls, click Remediation Scripts.

            • Choose Pre-Script.

            • Upload the file macOS-Silicon-User-Creation.sh.


            6. Edit the Pre-Script

            Before uploading, modify the script to include:

            • The username of a local account on the macOS device

            • The password for this account

            • Ensure the user account has local volume permissions

            This user is required for executing privileged system updates.

            Refer to the screenshot below for guidance.



            7. Apply the Patches

            After uploading and configuring the pre-script, click Apply Selected Patches to begin the remediation process.

            Additional Notes

            • The macOS-Silicon-User-Creation.sh script is included in the attached ZIP package.

            • Ensure the credentials added to the script are accurate. Incorrect user details or permissions will result in remediation failures.

            • This prerequisite is mandatory only for Apple Silicon devices (M1–M4). Intel-based macOS devices do not require this step.

            Attachments (1)

            zip

            Mac OS user ....zip
            1.85 KB

            Was this article helpful?

            That’s Great!

            Thank you for your feedback

            Sorry! We couldn't be helpful

            Thank you for your feedback

            Let us know how can we improve this article!

            Select at least one of the reasons
            CAPTCHA verification is required.

            Feedback sent

            We appreciate your effort and will try to fix the article

            Preview
            0 of 0