Releases: usnistgov/macos_security
Release list
visionOS 26 Guidance Revision 3.0
Included in this release are updated guidance documents (HTML, PDF, XLS, XCCDF) for the NIST SP 800-53r5 Low, Moderate, and High, visionOS 26.0 DISA STIG, CNSSI Low, Moderate, and High for visionOS (26.0).
Full Changelog: visionos26_rev2...visionos26_rev3
Tahoe Guidance Revision 3.0
Included in this release are updated guidance documents (HTML, PDF, XLS, SCAP) for the NIST SP 800-53r5 Low, Moderate, and High, NIST 800-171r3, DISA STIG, NLMAPGOV Base, NLMAPGOV Plus, Health Industry Cybersecurity Practices (HICP) Large Practices, CNSSI-1253 Low, Moderate, and High, CMMC Level 1, CMMC Level 2, CIS macOS Benchmarks Level 1 and 2, and CIS Critical Security Controls Version 8 baselines for macOS Tahoe (26.0).
What's Changed
- Sequoia Release 1.1 by @robertgendler in #457
- Add new docs by @headmin in #486
- Overhaul NIST Pages by @cocopuff2u in #512
- refactor[docs] Moved scripts directory by @robertgendler in #514
- Initial development version of NLMAPGOV by @jordywitteman in #523
- Fix dependency issue in rexml module in Gemfile by @arpitjain099 in #482
- Dev sequoia issue364 by @brodjieski in #506
- Dev sequoia cmmc by @jmahlman in #549
- refactor: sync with tahoe by @brodjieski in #563
- Close compliance bypass caused by exploiting eval by @homebysix in #565
- Consolidated profile by @chkpnt in #542
- Add spell check action to project by @brodjieski in #568
- Minor timeserver update & upstream changes by @jordywitteman in #588
- chore: update cspell dictionaries by @brodjieski in #596
- Dev tahoe issue607 by @golbiga in #608
- Update cspell dictionary by @brodjieski in #609
- NLMAPGOV baselines for macOS 26 by @jordywitteman in #632
- New rules for to Software Update Settings by @jordywitteman in #634
- Initial Emory Rules Update by @ekikano in #638
- fix(system_settings_screensaver_timeout_enforce): update CIS lvl1/lvl2 ODV from 1200 to 900 by @nancysangani in #643
- fix(pwpolicy_history_enforce): update CIS lvl1/lvl2 ODV from 15 to 24 by @nancysangani in #642
- fix: Silicon update for SystemProfiler model name by @trewwwsec in #645
- Updated reference in line with BIO2 v1.3 by @aronvandenherik in #647
- Replace deprecated com.apple.SoftwareUpdate payload with supported configuration by @nancysangani in #653
- Add os_safari_allow_javascript_disable rule by @nancysangani in #658
- fix: adjust regex for remediation by @brodjieski in #663
- cspell.json: remove trailing comma by @homebysix in #662
- Update os_sleep_and_display_sleep_apple_silicon_enable by @TSPARR in #674
- Update os_sleep_and_display_sleep_apple_silicon_enable.yaml by @TSPARR in #675
- Align CIS baseline with CIS macOS 26 Tahoe v1.1.0 by @tonyyo11 in #688
- Align BIO references with BIO2 v1.3 macOS sheet by @jordywitteman in #696
- Add image processing dependencies to Dockerfile by @robertgendler in #707
New Contributors
- @chkpnt made their first contribution in #542
- @ekikano made their first contribution in #638
- @trewwwsec made their first contribution in #645
- @aronvandenherik made their first contribution in #647
- @tonyyo11 made their first contribution in #688
Full Changelog: tahoe_rev2...tahoe_rev3
iOS/iPadOS 26 Guidance Revision 3.0
Included in this release are updated guidance documents (HTML, PDF, XLS, XCCDF) for the NIST SP 800-53r5 Low, Moderate, and High, BSI indigo, DISA-STIG, CMMC Level 1, 2, and 3, NLMAPGOV Base, NLMAPGOV Plus, CNSSI Low, Moderate, and High, CIS iOS Benchmarks Level 1 and 2 (BYOD and Enterprise), and CIS Critical Security Controls Version 8 baselines for iOS/iPadOS 26.
What's Changed
- NLMAPGOV for iOS/iPadOS 26 by @jordywitteman in #644
- Align BIO references with BIO2 v1.3 iOS/iPadOS sheet by @jordywitteman in #697
Full Changelog: ios26_rev2...ios26_rev3
visionOS 26 Guidance Revision 2.0
Included in this release are updated guidance documents (HTML, PDF, XLS, XCCDF) for the NIST SP 800-53r5 Low, Moderate, and High, visionOS 2.0 DISA STIG, CNSSI Low, Moderate, and High for visionOS (26.0).
Full Changelog: visionos26_rev1...visionos26_rev2
Tahoe Guidance Revision 2.0
Included in this release are updated guidance documents (HTML, PDF, XLS, SCAP) for the NIST SP 800-53r5 Low, Moderate, and High, NIST 800-171r3, DISA STIG, CNSSI-1253 Low, Moderate, and High, CMMC Level 1, CMMC Level 2, CIS macOS Benchmarks Level 1 and 2, and CIS Critical Security Controls Version 8 baselines for macOS Tahoe (26.0).
What's Changed
- Update os_skip_apple_intelligence_enable.yaml by @akegerreis in #570
- Tahoe spell check by @brodjieski in #569
Full Changelog: tahoe_rev1...tahoe_rev2
Sequoia Guidance Revision 4.0
Included in this release are updated guidance documents (HTML, PDF, XLS, SCAP) for the NIST SP 800-53r5 Low, Moderate, and High, NIST 800-171r3, DISA STIG, NLMAPGOV Base, NLMAPGOV Plus, CNSSI-1253 Low, Moderate, and High, CMMC Level 1, CMMC Level 2, CIS macOS Benchmarks Level 1 and 2, and CIS Critical Security Controls Version 8 baselines for macOS Sequoia (15.0).
What's Changed
- Sequoia Release 1.1 by @robertgendler in #457
- Add new docs by @headmin in #486
- Overhaul NIST Pages by @cocopuff2u in #512
- refactor[docs] Moved scripts directory by @robertgendler in #514
- Initial development version of NLMAPGOV by @jordywitteman in #523
- refactor: sync with tahoe by @brodjieski in #563
- Consolidated profile by @chkpnt in #542
- Minor timeserver update & upstream changes by @jordywitteman in #588
New Contributors
- @jordywitteman made their first contribution in #523
- @chkpnt made their first contribution in #542
Full Changelog: sequoia_rev3...sequoia_rev4
iOS/iPadOS 26 Guidance Revision 2.0
Included in this release are updated guidance documents (HTML, PDF, XLS, XCCDF) for the NIST SP 800-53r5 Low, Moderate, and High, BSI indigo, DISA-STIG, CNSSI Low, Moderate, and High, CIS iOS Benchmarks Level 1 and 2 (BYOD and Enterprise), and CIS Critical Security Controls Version 8 baselines for iOS/iPadOS 26.
What's Changed
- Add Apple indigo v1.4 to iOS 26 by @headmin in #580
- Add missing indigo version reference to adoc_additional_docs.adoc by @headmin in #595
Full Changelog: ios26_rev1...ios26_rev2
visionOS 26 Guidance Revision 1.0
Included in this release are updated guidance documents (HTML, PDF, XLS, XCCDF) for the NIST SP 800-53r5 Low, Moderate, and High, CNSSI Low, Moderate, and High for visionOS (26.0).
Full Changelog: visionos_rev2...visionos26_rev1
Tahoe Guidance Revision 1.0
Included in this release are updated guidance documents (HTML, PDF, XLS, SCAP) for the NIST SP 800-53r5 Low, Moderate, and High, NIST 800-171r3, CNSSI-1253 Low, Moderate, and High, CMMC Level 1, CMMC Level 2, CIS macOS DRAFT Benchmarks Level 1 and 2, and CIS Critical Security Controls Version 8 baselines for macOS Tahoe (26.0).
What's Changed
- Update os_iphone_mirroring_disable.yaml by @akegerreis in #504
- Update generate_baseline.py by @aidenpryor in #493
- Improve regex code by @arpitjain099 in #483
- Tahoe CMMC Baseline Push by @jmahlman in #548
- Tahoe findings fix by @mgajdar in #551
New Contributors
- @akegerreis made their first contribution in #504
- @aidenpryor made their first contribution in #493
Full Changelog: sequoia_rev2...tahoe_rev1
Sonoma Guidance Revision 5.0
Included in this release are updated guidance documents (HTML, PDF, XLS, SCAP) for the NIST SP 800-53r5 Low, Moderate, and High, NIST 800-171r3, DISA-STIG, CNSSI-1253 Low, Moderate, and High, CMMC Level 1, CMMC Level 2, CIS macOS Benchmarks Level 1 and 2, and CIS Critical Security Controls Version 8 baselines for macOS Sonoma(14.0).
What's Changed
- Fix CIS reference numbers being off by 1 in system_settings.general.s… by @jakubfilo in #508
New Contributors
- @jakubfilo made their first contribution in #508
Full Changelog: sonoma_rev4...sonoma_rev5