The wait for the latest macOS 14 update is finally over. The newest macOS Sonoma update comes with a plethora of security and privacy features intended to make your computing environment safer. Apple users can now explore new video conferencing features and advanced game mode, enable password and passkey sharing, and so much more.

While there’s plenty of excitement that comes with an update like this, it’s important to proceed with caution. Managing bulk deployment or deferral of OS updates in your organization’s production environment can be a complex task. This underscores the importance of having a reliable endpoint management and security system in place.

Endpoint Central to the rescue!

ManageEngine Endpoint Central is a UEM solution designed to manage and secure a wide range of devices like macOS, Android, iOS, Windows, Linux, and IoT devices. These devices are managed during their entire life cycle, from onboarding to the last stage of decommissioning. With an inbuilt security suite, Endpoint Central also safeguards devices against any number of threats with just a few clicks.

Note: If you have not upgraded to the latest version of Endpoint Central, it is recommended that you upgrade to the latest version to ensure complete support for the new OS.

How to upgrade your endpoints to macOS Sonoma using Endpoint Central

Admins can deploy the patch for upgrading the OS for their organization’s endpoints using the patch management feature in Endpoint Central. Before installing an upgrade, it is always recommended to create a backup of your machines. To create a backup of your Mac devices, you can use Time Machine.

Prerequisites for deploying macOS Sonoma across your endpoints

  1. System requirements: macOS10.13 or later

  1. Compatible systems:

  • iMac (2019 and later)

  • iMac Pro (2017)

  • MacBook Air (2018 and later)

  • MacBook Pro (2018 and later)

  • Mac Pro (2019 and later)

  • Mac Studio (2022 and later)

  • Mac mini (2018 and later)

To upgrade your Mac devices to macOS Sonoma via patch deployment, deploy the patch given below:

  • Patch ID: 605841

  • Patch description:  Upgrade to macOS Sonoma – Intel and Silicon


  • The patch will only be shown in compatible systems under Missing Patches after a successful DB sync.

  • For Apple silicon machines, all end users will receive a prompt to enter the password for the deployment to proceed. They will be asked to enter the password during deployment.

How to postpone the macOS Sonoma upgrade using Endpoint Central

To postpone the upgrade of the current macOS in endpoints, admins can deploy the block configuration to block applications from running in their environment using Endpoint Central.

Refer: How to deploy a configuration to defer the upgrade to MacOS Sonoma using Endpoint Central


  • Bundle identifier:

  • Installer name: Install macOS Sonoma

To avoid automatic OS updates, follow the steps given below:

  • Deploy from the script repository to Mac devices to disable auto updates.

  • Use the System Preferences computer configuration and Restrict Software Update to block users from manually updating the current OS to MacOS Sonoma.

Get unparalleled security with macOS Sonoma and Endpoint Central

Pairing Sonoma with Endpoint Central presents a robust solution for streamlined endpoint management and security. Sonoma’s groundbreaking performance upgrades and advanced security features are seamlessly complemented by Endpoint Central’s comprehensive security suite. Through centralized control, rapid incident response, and top-notch security, this dynamic duo will optimize computer speed, enhance defenses against emerging threats, and ensures compliance with ease. The result? An efficient, secure computing environment ready to meet the demands of today’s dynamic business landscape.