Apple released a document clarifying its security patch policy. Although most of the information isn’t new, Apple clarified one aspect it hasn’t before. Older versions of macOS and iOS receive security updates, but only devices running the most recent versions should expect to be completely protected.
Apple released the document earlier this week. Apple explicitly said that only the newest version of its operating systems will be fully patched and have all security features enabled. Older versions still get security updates, though some fixes may be missing.
“Because of dependency on architecture and system changes to any current version of macOS (for example, macOS 13), not all known security issues are addressed in previous versions (for example, macOS 12)”, the document reads.
Analysts dissect the document
Apple’s policy regarding security patches has been discussed by analysts for some time. Joshua Long, Chief Security Analyst at Inego, has closely monitored bug fixes and patches to iOS and macOS for years.
Long found that although older products generally receive modern security patches, a legacy device may have to wait months before receiving the same security fix of a modern operating system version. The document confirms Long’s findings.
While the document underscores that security isn’t guaranteed on older devices, Apple’s policy doesn’t have to be deciding factor for how long you use a product before updating to a newer machine.
Running an up-to-date Big Sur or Monterey operating system, an up-to-date Safari browser and up-to-date Mac apps should protect against most critical threats.
However, if you believe you’re specifically targeted by attackers, running the latest version of an operating system can provide comfort.