Apple explained its security update policy: only the latest OSes are fully patched | Techno Glob

Default wallpaper for macOS 11 Big Sur.
enlarge / Default wallpaper for macOS 11 Big Sur.


Earlier this week, Apple released a document that clarified the terminology and policies surrounding software upgrades and updates. Most of the information in the document isn’t new, but the company does provide an explanation about its update policy that it hasn’t explained before: Despite providing security updates for multiple versions of macOS and iOS at any given time, Apple says only devices running the most recent major operating system versions are fully protected. should be expected to go.

Throughout the document, Apple uses “upgrade” to refer to major OS releases that can add major new features and user interface changes, and “updates” to refer to smaller but more frequently released patches that mostly fix bugs and fix security issues. do (although it can. also enable occasional minor feature additions or enhancements). So updating from iOS 15 to iOS 16 or macOS 12 to macOS 13 is one Upgrade. Updating from iOS 16.0 to 16.1 or macOS 12.5 to 12.6 or 12.6.1 is one Update.

“Due to architecture dependencies and system changes in any current version of macOS (for example, macOS 13),” the document reads, “Not all known security issues are fixed in previous versions (for example, macOS 12).”

In other words, Apple will provide security-related updates for older versions of its operating systems, while only the most recent upgrades will receive updates for every security issue that Apple knows about. Apple currently provides security updates to macOS 11 Big Sur and macOS 12 Monterey along with the newly released macOS Ventura, and in the past, has released security updates to older iOS versions for devices unable to install the latest upgrade.

This confirms something that independent security researchers have been aware of for some time but Apple has not publicly explained before. Joshua Long, Intego’s principal security analyst, has tracked CVEs patched through various macOS and iOS updates for years and generally found that bugs patched in newer OS versions can go months before being patched in older (but still apparently “supported”) versions, when they Patched at all.

This is useful for Mac users because Apple has dropped support for most upgrades for older Mac and iDevice models, which has sped up somewhat for older Intel Macs in recent years (most Macs still receive six or seven years of upgrades, plus another two years of updates. ). This means that new devices are available every year some No security updates either All them. Software like OpenCore Legacy Patcher can be used to get the latest OS versions running on older hardware, but it’s not always an easy process and has its own limitations and caveats.

That said, your calculus for when to upgrade or retire an older Mac probably shouldn’t change dramatically. Most people running an up-to-date Big Sur or Monterey installation with an up-to-date Safari browser should be safe from most high-priority threats, especially if you also keep other apps on your Mac up to date. And Apple’s documentation doesn’t change anything about how it updates old software; It only confirms what has already been seen.

We’ve been asking Apple to be more upfront about its security communications, and this is a step forward in that regard. But if you believe you’re being specifically targeted by attackers, you have one more reason to make sure your software (and hardware) is fully updated and upgraded.

Source link