- A Critical Software Update Is Required For Your Mac Fix
- A Critical Software Update Is Required For Your Mac Loop
- A Critical Software Update Is Required For Your Mac But An Error Was Encountered
- A Critical Software Update Is Required For Your Mac 2019
This article is intended for enterprise and education network administrators.
Nov 15, 2017 This still prompted for the update but we were able to successfully install it. After a fresh install, Migration Assistant loaded the fresh Time Machine backup back. It makes no sense that Apple would have a critical security update immediately following a OS update. It’s because it’s not Apple—it’s a sign of malware in the efi aka firmware. This type of malware is both well documented and real and has been around since at least 2016. If you're currently running macOS 10.11 or higher on your Mac and connect your iPhone to sync with iTunes, you may get an alert saying that 'a software update is required to connect to your iPhone.' Here's everything you need to know about what that means, how to update your system, and what to do if updating doesn't work.
Sep 28, 2018 Published on Sep 28, 2018 A critical software update is required for your Mac, but an error was encountered while installing this update. Your Mac can’t be used until this update is installed. How to configure Software Update on your Mac. This makes sure you are notified of new updates as they occur in the event that there is a critical one that needs to be installed for the safety.
Apple products require access to the Internet hosts in this article for a variety of services. Here's how your devices connect to hosts and work with proxies:
- Network connections to the hosts below are initiated by the device, not by hosts operated by Apple.
- Apple services will fail any connection that uses HTTPS Interception (SSL Inspection). If the HTTPS traffic traverses a web proxy, disable HTTPS Interception for the hosts listed in this article.
Make sure your Apple devices can access the hosts listed below.
Apple Push Notifications
Learn how to troubleshoot connecting to the Apple Push Notification service (APNs). For devices that send all traffic through an HTTP proxy, you can configure the proxy either manually on the device or with a configuration profile. Beginning with macOS 10.15.5, devices can connect to APNs when configured to use the HTTP proxy with a proxy auto-config (PAC) file.
Device setup
Access to the following hosts might be required when setting up your device, or when installing, updating or restoring the operating system.
Hosts | Ports | Protocol | OS | Description | Supports proxies |
---|---|---|---|---|---|
albert.apple.com | 443 | TCP | iOS, tvOS, and macOS | Yes | |
captive.apple.com | 443, 80 | TCP | iOS, tvOS, and macOS | Internet connectivity validation for networks that use captive portals. | Yes |
gs.apple.com | 443 | TCP | iOS, tvOS, and macOS | Yes | |
humb.apple.com | 443 | TCP | iOS, tvOS, and macOS | Yes | |
static.ips.apple.com | 443, 80 | TCP | iOS, tvOS, and macOS | Yes | |
tbsc.apple.com | 443 | TCP | macOS only | Yes | |
time-ios.apple.com | 123 | UDP | iOS and tvOS only | Used by devices to set their date and time | -- |
time.apple.com | 123 | UDP | iOS, tvOS, and macOS | Used by devices to set their date and time | -- |
time-macos.apple.com | 123 | UDP | macOS only | Used by devices to set their date and time | -- |
Device Management
Network access to the following hosts might be required for devices enrolled in Mobile Device Management (MDM):
A Critical Software Update Is Required For Your Mac Fix
Hosts | Ports | Protocol | OS | Description | Supports proxies |
---|---|---|---|---|---|
*.push.apple.com | 443, 80, 5223, 2197 | TCP | iOS, tvOS, and macOS | Push notifications | Learn more about APNs and proxies. |
gdmf.apple.com | 443 | TCP | iOS, tvOS, and macOS | MDM server to identify which software updates are available to devices that use managed software updates. | Yes |
deviceenrollment.apple.com | 443 | TCP | iOS, tvOS, and macOS | DEP provisional enrollment. | -- |
deviceservices-external.apple.com | 443 | TCP | iOS, tvOS, and macOS | -- | |
identity.apple.com | 443 | TCP | iOS, tvOS, and macOS | APNs certificate request portal. | Yes |
iprofiles.apple.com | 443 | TCP | iOS, tvOS, and macOS | Hosts enrollment profiles used when devices enroll in Apple School Manager or Apple Business Manager through Device Enrollment | Yes |
mdmenrollment.apple.com | 443 | TCP | iOS, tvOS, and macOS | MDM servers to upload enrollment profiles used by clients enrolling through Device Enrollment in Apple School Manager or Apple Business Manager, and to look up devices and accounts. | Yes |
setup.icloud.com | 443 | TCP | iOS only | Required to log in with a Managed Apple ID on Shared iPad. | -- |
vpp.itunes.apple.com | 443 | TCP | iOS, tvOS, and macOS | MDM servers to perform operations related to Apps and Books, like assigning or revoking licenses on a device. | Yes |
Software updates
Make sure you can access the following ports for updating macOS, apps from the Mac App Store, and for using content caching.
macOS, iOS, and tvOS
Network access to the following hostnames are required for installing, restoring, and updating macOS, iOS, and tvOS:
Hosts | Ports | Protocol | OS | Description | Supports proxies |
---|---|---|---|---|---|
appldnld.apple.com | 80 | TCP | iOS only | iOS updates | -- |
gg.apple.com | 443, 80 | TCP | iOS, tvOS, and macOS | iOS, tvOS, and macOS updates | Yes |
gnf-mdn.apple.com | 443 | TCP | macOS only | macOS updates | Yes |
gnf-mr.apple.com | 443 | TCP | macOS only | macOS updates | Yes |
gs.apple.com | 443, 80 | TCP | macOS only | macOS updates | Yes |
ig.apple.com | 443 | TCP | macOS only | macOS updates | Yes |
mesu.apple.com | 443, 80 | TCP | iOS, tvOS, and macOS | Hosts software update catalogs | -- |
ns.itunes.apple.com | 443 | TCP | iOS only | Yes | |
oscdn.apple.com | 443, 80 | TCP | macOS only | macOS Recovery | -- |
osrecovery.apple.com | 443, 80 | TCP | macOS only | macOS Recovery | -- |
skl.apple.com | 443 | TCP | macOS only | macOS updates | -- |
swcdn.apple.com | 80 | TCP | macOS only | macOS updates | -- |
swdist.apple.com | 443 | TCP | macOS only | macOS updates | -- |
swdownload.apple.com | 443, 80 | TCP | macOS only | macOS updates | Yes |
swpost.apple.com | 80 | TCP | macOS only | macOS updates | Yes |
swscan.apple.com | 443 | TCP | macOS only | macOS updates | -- |
updates-http.cdn-apple.com | 80 | TCP | iOS, tvOS, and macOS | -- | |
updates.cdn-apple.com | 443 | TCP | iOS, tvOS, and macOS | -- | |
xp.apple.com | 443 | TCP | iOS, tvOS, and macOS | Yes |
App Store
Access to the following hosts might be required for updating apps:
![Mac Mac](/uploads/1/2/6/3/126305318/979891773.jpg)
Hosts | Ports | Protocol | OS | Description | Supports proxies |
---|---|---|---|---|---|
*.itunes.apple.com | 443, 80 | TCP | iOS, tvOS, and macOS | Store content such as apps, books, and music | Yes |
*.apps.apple.com | 443 | TCP | iOS, tvOS, and macOS | Store content such as apps, books, and music | Yes |
*.mzstatic.com | 443 | TCP | iOS, tvOS, and macOS | Store content such as apps, books, and music | -- |
itunes.apple.com | 443, 80 | TCP | iOS, tvOS, and macOS | Yes | |
ppq.apple.com | 443 | TCP | iOS, tvOS, and macOS | Enterprise App validation | -- |
Content caching
Access to the following host is required for a Mac that uses macOS content caching:
Hosts | Ports | Protocol | OS | Description | Supports proxies |
---|---|---|---|---|---|
lcdn-registration.apple.com | 443 | TCP | macOS only | Content caching server registration | Yes |
App notarization
Starting with macOS 10.14.5, software is checked for notarization before it will run. In order for this check to succeed, a Mac must be able to access the same hosts listed in the Ensure Your Build Server Has Network Access section of Customizing the Notarization Workflow:
Hosts | Ports | Protocol | OS | Description | Supports proxies |
---|---|---|---|---|---|
17.248.128.0/18 | 443 | TCP | macOS only | Ticket delivery | -- |
17.250.64.0/18 | 443 | TCP | macOS only | Ticket delivery | -- |
17.248.192.0/19 | 443 | TCP | macOS only | Ticket delivery | -- |
Certificate validation
Apple devices must be able to connect to the following hosts to validate digital certificates used by the hosts listed above:
Hosts | Ports | Protocol | OS | Description | Supports proxies |
---|---|---|---|---|---|
crl.apple.com | 80 | TCP | iOS, tvOS, and macOS | Certificate validation | -- |
crl.entrust.net | 80 | TCP | iOS, tvOS, and macOS | Certificate validation | -- |
crl3.digicert.com | 80 | TCP | iOS, tvOS, and macOS | Certificate validation | -- |
crl4.digicert.com | 80 | TCP | iOS, tvOS, and macOS | Certificate validation | -- |
ocsp.apple.com | 80 | TCP | iOS, tvOS, and macOS | Certificate validation | -- |
ocsp.digicert.com | 80 | TCP | iOS, tvOS, and macOS | Certificate validation | -- |
ocsp.entrust.net | 80 | TCP | iOS, tvOS, and macOS | Certificate validation | -- |
ocsp.verisign.net | 80 | TCP | iOS, tvOS, and macOS | Certificate validation | -- |
Firewalls
If your firewall supports using hostnames, you may be able to use most Apple services above by allowing outbound connections to *.apple.com. If your firewall can only be configured with IP addresses, allow outbound connections to 17.0.0.0/8. The entire 17.0.0.0/8 address block is assigned to Apple.
HTTP proxy
You can use Apple services through a proxy if you disable packet inspection and authentication for traffic to and from the listed hosts. Exceptions to this are noted above. Attempts to perform content inspection on encrypted communications between Apple devices and services will result in a dropped connection to preserve platform security and user privacy.
- See a list of TCP and UDP ports used by Apple software products.
- Find out which ports are used by Profile Manager in macOS Server.
- Learn about macOS, iOS, and iTunes server host connections and iTunes background processes.
- Customize the Notarization Workflow.
Once in your life as a Mac user, have you ever encountered this message: “A critical software update is required for your Mac, but an error was encountered while installing this update”? A further note then states, “Your Mac can’t be used until this update is installed.”
The problem, however, doesn’t end there. Your computer seems to be trapped in an endless loop as the “critical software update” doesn’t seem to work, locking down your Mac and preventing you from using your machine smoothly and problem-free.
Here’s a quick guide to help you navigate this Mac critical software update issue – why it occurs and a few solid steps you can take to solve it.
How to Fix the ‘Critical Software Update’ Problem on Macs
Imagine this: your computer boots up, and you immediately get a plain white screen with a spinning gear for what seems like an eternity. Then you get the dreaded error message, and there’s hardly any indication of what’s happening and you can’t see the log to see what’s going on. Your Mac is good as useless because you have to shut it down or click Try again, which seems to never work.
There are a number of likely reasons why this glitch is taking place. At the same time, here are some quick fixes you can try on your own:
- Tackle Malfunctioning Touch Bar – MacBooks that have the Touch Bar often fall victim to the critical software update problem on Mac. Serving as a built-in accessory, the Touch Bar has particular firmware to help it operate, and this can lead to issues when it’s time to get macOS updated.
A separate update, after all, is required for the Touch Bar, and this update is prone to problems with internet connection as well as in reaction to other factors present during the update process.
Here’s a quick way to address this problem:
- Turn off your MacBook. If necessary, hold down Power for a forced shutdown in case it doesn’t respond.
- Connect your machine to a wired network; avoid using WiFi. The idea is to link to a directly connected network connection, sans any restriction to access.
- Boot up your MacBook and tell it to restart. Try updating the software again. The reboot may take a while, but that’s all right and you can wait to load macOS properly.
- Address or Uninstall Misbehaving Apps – A recently downloaded app may not be working right with macOS. Try to delete recently installed apps if you can access macOS even for a few moments, and then see if that effectively fixes the issue.
A Critical Software Update Is Required For Your Mac Loop
An app can negatively interact with Apple updates, so the simple solution is simply uninstall it if it’s incompatible with the current update process.
- Uninstall Hands Off! – This app monitors and controls the access of other apps to your network and disks. Using Hands Off!, you can track as well as gain control of internet connections from all apps so as to detect hidden connections and hinder them from sending data or phoning home without your consent.
Hands Off! has been associated with critical software update issues as it installs a kernel-level network extension to control network access. Uninstall it in Safe Mode and reboot your Mac.
- Reinstall macOS – There are times when an issue like “critical software update” signals a more serious problem, so the best move to make is to entirely reinstall macOS. Don’t worry, though, as you should be able to keep your saved data safe from deletion.
Since this process will take a while, initiate the process only when your Mac is connected to a power supply and you don’t need to use your computer right away. Here are steps to follow:
- Turn on your Mac by holding down the Command + R keys, which will launch the macOS Utilities window.
- Select Reinstall macOS.
- Once prompted, choose Continue and then follow the instructions for reinstallation.
- Take Your Mac to the Experts – If nothing seems to work, perhaps it’s time to take the issue to the experts and contact your local Apple Store. This way, a professional can check your Mac and see if it’s an internal issue that’s taking place. These people can make a proper diagnosis and you can simply wait to retrieve your Mac after a few days at the shop.
Final Notes
The critical software problem issue on Mac is a total nuisance, and we know you don’t have the time, energy, and sometimes complete know-how to solve it. We then hope one of the fixes we presented above gets the job done before you do a full wipe of your computer.
Of course, don’t forget to clean your Mac, get rid of junk files, and optimize it for top performance using a reliable third-party Mac repair tool. Proper diagnosis, after all, is half the cure.
A Critical Software Update Is Required For Your Mac But An Error Was Encountered
Have you ever come across this problem? How did you get your Mac back in tiptop shape? Let us know in the comments!