Apple、Apple Silicon MacでX11ウィンドウが黒くなってしまう不具合と複数の脆弱性を修正し、2031年まで有効な署名証明書を付けたMac用X Window System「XQuartz v2.8.6 Beta 4」を公開。
apple
| Source: Mastodon | Original article
Apple has issued XQuartz v2.8.6 Beta 4, a signed update to the open‑source X Window System for macOS that resolves a long‑standing rendering bug on Apple Silicon and patches several security flaws. The release, announced by Apple engineer Jeremy Huddleston‑Sequoia on 28 March, adds a code‑signing certificate that remains valid until 2031, a move that signals a renewed commitment to the platform.
The update fixes the “black‑window” problem that has plagued X11 applications running on M‑series chips, where the client window would appear completely dark despite the application running correctly underneath. The bug surfaced after developers began porting scientific visualisation tools, legacy engineering suites and some AI‑related GUIs to Apple Silicon, often via virtualization layers such as Parallels Desktop. In addition, the beta addresses multiple vulnerabilities disclosed earlier this year, ranging from privilege‑escalation paths in the X server to potential denial‑of‑service attacks via malformed X protocol requests.
Why it matters is twofold. First, XQuartz remains the de‑facto bridge for Unix‑originated graphical software that still relies on X11, a niche but vital ecosystem for research labs, developers and power users who cannot yet migrate to native macOS frameworks. Second, the security hardening restores confidence for enterprises that run X11‑based remote desktops or containerised workloads on Macs, especially as Apple Silicon becomes the default hardware in data‑center‑grade Mac mini and Mac Studio deployments.
Looking ahead, the community will be watching for a final stable release and any indication that Apple might bundle a signed XQuartz version with future macOS updates. Integration with upcoming watchOS 26.5, tvOS 26.5 and visionOS 26.5 betas could broaden the reach of X11‑dependent tools across Apple’s expanding device portfolio. Security researchers will also monitor whether further vulnerabilities emerge as the codebase adapts to the ARM architecture.
Sources
Back to AIPULSEN