apple
Earlier this week, Apple introduced document clarifying its terminology and policies around software updates and updates. Most of the information in the document is not new, but the company has made a clarification about its update policy that was not previously disclosed: although Apple provides security updates for multiple versions of macOS and iOS at any given time, it says. only devices running the latest major operating system versions should expect to be fully protected.
Throughout the document, Apple uses “upgrade” to refer to major OS releases that can add major new features and user interface changes, and “update” to refer to smaller but more frequent patches that mostly fix bugs and address security issues. ” (although they can be). sometimes also enable minor feature additions or improvements). So, upgrading from iOS 15 to iOS 16 or macOS 12 to macOS 13 improve. Upgrading from iOS 16.0 to 16.1 or macOS 12.5 to 12.6 or 12.6.1 update.
“Due to architecture dependencies and system changes, any current version of macOS (e.g. macOS 13),” the document says, “not all known security issues are addressed in previous versions (e.g. macOS 12).”
In other words, while Apple will provide security updates for older versions of its operating systems, only the latest upgrades will receive updates for every security issue that Apple is aware of. Apple is currently releasing security updates for macOS 11 Big Sur and macOS 12 Monterey alongside the new releases. macOS Venturaand in the past, it has released security updates for older iOS versions for devices unable to install the latest updates.
This confirms one thing independent security researchers have been aware for some time but Apple had not previously gone public. Intego Senior Security Analyst Joshua Long has tracked CVEs patched with various macOS and iOS updates for years, and has generally found that bugs patched in the newest OS versions can go months before patching in older (but still “supported”) versions. generally patchy.
This is relevant for Mac users as Apple drops support for older Mac and iDevice models in most upgrades. slightly sped up for older Intel Macs in recent years (most Macs still get six or seven years of upgrades, plus two more years of updates). This means that every year there is still a new batch of devices available some of them security updates, but no garlic From them. software such as OpenCore Legacy Patcher can be used to get the latest OS versions running on older hardware, but it’s not always a straightforward process and has its own limitations and caveats.
That said, it probably shouldn’t change your calculations drastically when to upgrade or stop using an old Mac. Most people running the latest installation of Big Sur or Monterey with the latest Safari browser should be protected from high-priority threats, especially if you’re also updating other programs on your Mac. And Apple’s documentation doesn’t change anything related to updating old software; it simply confirms something that has already been observed.
We’ve asked Apple to be more open about its security communications, and this is a step forward in that regard. But if you believe you’ve been specifically targeted by attackers, you have another reason to make sure your software (and hardware) is fully updated and upgraded.
