Voir en

français

Computer Security: Mac security: nothing for old versions

A fundamental pillar of computer security is the regular maintenance of your code, operating system and application software...

|

 
 

Only software which is up-to-date should be free from any known vulnerabilities and thus provide you with a basic level of computer security. Neglecting regular updates is putting your computer at risk – and consequently your account, your password, your data, your photos, your videos and your money. Therefore, prompt and automatic patching is paramount. But the Microsofts, Googles and Apples of this world do not always help…

Software vendors handle their update policy in different ways. While Android is a disaster – not because of Google, but due to the slow adaptation of many smartphone vendors (see “Android’s Armageddon”) – Microsoft provides updates for their Windows 7, Windows 8 and Windows 10 operating systems through their “Patch Tuesday” rollouts. All you need to do is have the automatic “Windows Update” feature enabled (it is by default!). While automatic updates are also provided to Apple Macs by default, they have a more restrictive (but undocumented) policy for their Mac OS: Apple provides security fixes mainly for the latest version of OS X (also dubbed “El Capitan”). Any older versions of MacOS either receive no security updates at all, or do so for only a few of the known vulnerabilities!

Thus, don’t just “feel” secure, even if Apple are still providing some security updates for OS X 10.9 and 10.10. They are not resolving many other known security issues for those versions. And worse, the fact that Apple still provides some software updates  – but no security updates – for even older versions of the OS does not mean that these OS versions are still supported. They are not. Hence, any versions of OS X other than 10.11.3 are vulnerable today to any kind of cyber-attack (e.g. when browsing malicious webpages, when installing malicious software or reading malicious e-mails, etc.). If your Mac happens to run another version than the latest, “El Capitan”, (you can check under the Apple Menu and choose “About This Mac”), we strongly recommend that you upgrade it as soon as possible. Just visit this page. However, please note that “El Capitan” might be incompatible with certain, mainly older, software packages. You can find known issues here. Still, upgrading is always the best course of action.


For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.

Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report


Access the entire collection of Computer Security articles here.