macOS - Security Update Notifications with "Nudge"
Why "encourage" users to update themselves?
UW System Administrative Procedure 1042.A requires security vulnerability and patch management processes for all UW systems. These processes are necessary to protect systems and data but can be disruptive to users. By notifying users that updates are available and encouraging them to update at a time that’s convenient, we hope to avoid surprises and potential data loss.
Nudge Interface
The Nudge window is configured to maximize clarity for users and will appear when an update is available to be installed. The window announces availability of a security update, the number of days left until updates must be installed, and the number of times a user has deferred the update.
Buttons and Controls
Update Device
“Update Device” launches the Software Update preference pane.
I'm not an admin, can I update?
Yes, Software Updates do not require admin rights to perform unlike an upgrade to a new OS such as from macOS 11 “Big Sur” to macOS 12 “Monterey”
It's asking me to upgrade, what do I do?
If you're running an older version of macOS, the Software Update Preference Pane will advertise an upgrade to the newer operating system. The option for running the update will appear right below this under "Another update is available"
More Info
The "More Info" button will take you to a page with more information about the contents of the update. Note that if you've missed more than one update, there will be even more important updates than just what's included with the latest patch.
Question Mark Box
This provides information about you, your computer, and the version of Nudge.
Defer/I Understand
There is an option to defer Nudge. However, it is encouraged you run updates as soon as you see that they are available in order to keep your system secure.
How do I make Nudge go away?
Update your OS
Nudge will regularly check to make sure the computer has all necessary security updates and will disappear once the updates have been installed. Device Management staff will force out the update at the due date, so it is recommended that users install the updates at a time most convenient for them to prevent unexpected restarts. Once all necessary security updates have been installed, Nudge will no longer show on your computer.
Defer
See the next section for specific intervals, but Nudge can be deferred until a later time. However, it is recommended you perform the update as soon as possible in order to avoid interruptions.
Does Nudge change its behavior over time?
Yes, there are four major time windows to consider.
Normal - A custom deferral option is available up to the day before the date of the required installation date.
Approaching - Between 72 and 24 hours before the required installation date, the custom deferral option is removed.
Imminent - During the final 24 hours, only the "Later" and "One Hour" deferrals are available.
Past Due - Nudge will enter an aggressive mode where all active windows are hidden when the Nudge window displays. Deferrals can only be for a maximum of 1 hour.
Nudge Functionality Overview
Nudge consists of the following three components:
- Nudge.app installed to /Applications/Utilities/Nudge.app
- A Launch Agent installed to /Library/LaunchAgents
- A Configuration Profile distributed by the management system