Some Big Sur users are unable to update macOS due to an MDM bug


Earlier this week, several macOS sysadmins started reporting that some Apple devices were unable to upgrade to Big Sur version 11.1. Affected users may briefly see the 11.1 upgrade, but then it will disappear from the update UI and command line softwareupdate tool despite not being installed.

Incorrect update request

Developer Victor Vrantchan, of the open source MicroMDM project, says he found the problem. Some Macs mistakenly ask for 11.0.1 instead of 11.1 from Apple’s update server – which update is then rejected if the machine in question is already running 11.0.1 or newer, like most.

enlarge / Apple’s update servers don’t like it when you request a system update older than your currently installed version.

While the erroneous requests themselves are obvious enough, the break condition is less so. According to Vrantchan, the incorrect request “somehow corrupts the status of the software update process”, resulting in a system that no longer presents the update as an option in System Preferences at all.

Restarting the affected system will make the update visible again, but that may or may not help; if the next attempt to install 11.1 throws the same erroneous 11.0.1 request, the problem behavior will just repeat itself.

Removing the MDM Profile – for you non-Mac folks and non-sysadmins, that’s Apple’s misleadingly named Mobile Device Management service that allows education and business organizations to manage fleets of macOS and iOS devices and ” monitor” – also makes the update visible. That said, mortals shouldn’t try this workaround lightly; Tampering with MDM has the potential to seriously affect system security, and there is no guarantee that regarding-enrolling the Mac in his workplace will also be smooth.

Can I just manually download the 11.1 update?

A seemingly obvious solution would be to simply download the update package for Big Sur 11.1 directly and apply it manually. Unfortunately, Apple has deprecated combo update packages – there is no manual package to download or install.

As of macOS Big Sur, the updates have been resized and can no longer be installed without Internet access. Update packages must come directly from Apple and they must be managed by the softwareupdate process itself. It’s not even possible to use a custom URL for softwareupdate not anymore.

How or when can I solve this?

Until we have more concrete information about the condition that causes it softwareupdate accidentally requesting 11.0.1 instead of 11.1, there is no guaranteed way to fix the problem. Many users report that after rebooting and trying to upgrade again – in some cases, after rebooting and trying multiple times – the upgrade is successful.

Other users report that removing the MDM profile has completely resolved the issue, although we still consider that a very risky Hail Mary game.

Since it is not possible to manually download and install system updates as user-installed packages in Big Sur, it can be difficult to patch the bug. The bug may not manifest itself when the system asks for a different version number, so maybe an update to 11.2 will bypass the buggy requests and therefore fix the bug in 11.2 without intervention. It would also be possible – if very cumbersome – for Apple to sideload the update in an unrelated patch that doesn’t affect the OS version number.

If all else fails, a full reinstall of Big Sur from the App Store should get you to 11.1 – although it’s a 12.6GB download, and as with any major OS install, you should be absolutely sure. Make sure you have good backups of all your data prior to the attempt.

