Jason Snell, writing at Six Colors:

Software developer Photon, whose product requires running a bunch of Macs to connect to iMessage, discovered a pretty major bug:

Every Mac has a hidden expiration date. After exactly 49 days, 17 hours, 2 minutes, and 47 seconds of continuous uptime, a 32-bit unsigned integer overflow in Apple’s XNU kernel freezes the internal TCP timestamp clock… ICMP (ping) keeps working. Everything else dies. The only fix most people know is a reboot.

The whole story is wild (albeit technical). Photon says they’re working on a fix, but really, this is something Apple should be working on.

If you keep track of time using milliseconds, and store that in an unsigned 32-bit integer, it overflows after 49 days, 17 hours, 2 minutes, and 47 seconds. That’s the bug.

I think this bug is new to Tahoe. If you look at Apple’s open-source XNU kernel code — e.g. lines 3,732 to 3,745 in tcp_subr.c — you can see that the lines assigning the time in milliseconds to a uint32_t variable were checked in just six months ago, whereas most of the file is five years old. Also, I personally ran my MacBook Pro — at the time, running MacOS 15.7.2 Sequoia — up to 91 days of uptime in January. I even mentioned that remarkable uptime in my annual report card, in praise of Apple’s software reliability. Apple’s pre-Tahoe reliability, that is.

I was hesitant to link to this at all because the original (unbylined) report from Photon is so hard to follow. It’s downright manic — over 3,500 words with 33 section headings (<h2> and <h3> tags), with no cohesive narrative. The bug, seemingly, is not that complicated. The whole write-up from Photon just screams “AI-generated slop” to me, and I thus hesitate even to link to Snell’s piece linking to it. But I think the bug is real, and my sympathy for everyone afflicted with MacOS 26 Tahoe is sincere. (And if I’m wrong about the post being AI slop and a human at Photon actually wrote this, I would suggest taking it easy with the cocaine.)

Juli Clover (no release notes, no security, enterprise, no developer, full installer, IPSW): macOS Tahoe 26.4.1 addresses an issue that could cause the M5 MacBook Air and M5 Pro/Max MacBook Pro models to fail to join 802.1X Wi-Fi networks when using content filter extensions. See also Mr. Macintosh and Howard Oakley. Previously: macOS 26.4 MacBook […]

Juli Clover (iOS/iPadOS release notes, no security, enterprise, no developer): According to Apple’s release notes, the software updates contain unspecified “bug fixes.” Benjamin Mayo: While the official release notes were vague, a thread on the developer forums indicates it actually fixes a significant bug related to iCloud data syncing. Developers had noticed that iPhones running […]

Thijs Xhaflaire (via Andrew Orr): Unlike traditional ClickFix campaigns that instruct users to paste commands directly into Terminal, the discovered variant uses a browser-triggered workflow to launch Script Editor. […] The page leverages an applescript:// URL scheme Clicking the “Execute” button invokes this URL scheme from the browser The browser prompts the user to allow […]

“thenickdude”, on Reddit:

They’re using this to detect if you have Creative Cloud already installed when you visit on their website.

When you visit https://www.adobe.com/home, they load this image using JavaScript:

https://detect-ccd.creativecloud.adobe.com/cc.png

If the DNS entry in your hosts file is present, your browser will therefore connect to their server, so they know you have Creative Cloud installed, otherwise the load fails, which they detect.

They used to just hit http://localhost:<various ports>/cc.png which connected to your Creative Cloud app directly, but then Chrome started blocking Local Network Access, so they had to do this hosts file hack instead.

(Via Thom Holwerda at OSNews.)

They didn’t have to do this, of course. In fact, quite obviously, they definitely should not be doing this. Adobe is just a third-party developer, no better, no more trusted, no more important than any other. Imagine if every piece of software on your computer added entries to your /etc/hosts file. Madness. Adobe should be ashamed of themselves. Adobe used to be a bastion of best practices for developers to follow. Now their installer/updater is indistinguishable from malware.

See also: Marc Edwards on Mastodon, and Michael Tsai.