Half of all Macs will lack access to security updates by summer
Mountain Lion's impending debut means Apple will stop supporting Snow Leopard, unless it changes a decade-old habit
Computerworld - Unless Apple changes its security update practice, nearly half of all Mac users will be adrift without patches sometime this summer.
Apple will launch OS X 10.8, aka Mountain Lion, in the next few months, and then will -- barring a change in a decade-old habit -- stop serving patches to OS X 10.6, or Snow Leopard.
Although Apple has never spelled out its support policy for older operating systems, it has always dropped an edition around the time it has two newer versions in play. If the current OS X is dubbed "n," then "n-2" support ends at the debut of "n."
In other words, patches are provided only to the newest OS X and the one immediately preceding it.
The company has practiced this since OS X's birth: The second iteration, 10.1 -- dubbed Puma -- received its final security update in January 2004, three months after the appearance of OS X 10.4, or Panther.
More recently, Apple snuffed out support for OS X 10.5, aka Leopard, when 10.7, or Lion, shipped. The former got its last security update in June 2011, a month before the latter was released.
If Apple continues this policy, Snow Leopard users will stop seeing patches about the time Mountain Lion ships. Apple has not set a hard date for OS X 10.8's debut, although it has pegged "late summer."
But Snow Leopard currently accounts for 41.5% of all versions of OS X, according to Web metrics company Net Applications' latest statistics. Assuming Snow Leopard's share continues to drop at the average pace of the last six months, it will still power 34.4% of all Macs in August or 32.6% in September.
With earlier editions included, that means 48.4% of all Macs will be without security updates if Apple stops serving Snow Leopard in August. If it continues patching until September, the number sans fixes drops to 45.9%.
Some security professionals see those numbers as too high, and Apple's support lifespan too short.
"[OS X] 10.6 released in August 2009, which means that any Mac purchased prior to that date and not subsequently upgraded will be running a version which receives no security support [Emphasis in origin]," Robin Stevens, part of the University of Oxford's network security team, said in a blog post last month.
"[Apple has] been complacent in terms of their attitude to security and support, especially when compared to their chief competitor [Microsoft]," Stevens added. "By comparison, Apple appear to be making minimal effort, and are putting their customers at risk as a result."
Stevens wanted Apple to commit to a support lifetime of at least five years.
Other experts don't see Apple's support practice as the biggest problem, but instead tagged the company's notorious silence.
- Apple hasn't exhausted its supply of Yosemite betas
- 13 pieces of advice for Yosemite beta testers
- The other Apple economy: $2B in devices on eBay
- Apple sends users scrambling for OS X Yosemite
- Long replacement cycle drags down iPad sales
- Apple unwraps OS X Yosemite public beta Thursday
- Apple grows Mac sales by 18% on the back of the MacBook Air
- Want an Apple watch? Just 3D print one
- What to listen for during Apple's earnings call today
- Mac sales will again outstrip industry average
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Using Cyber Insurance and Cybercrime Data to Limit Your Business Risk This paper examines the challenges of understanding cyber risks, the importance of having the right cyber risk intelligence, and how to use this...
- 5 Tips to Secure Small Business Backdoors in the Enterprise Supply Chain This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- Confront consumerization with convergence Virtualization expert Elias Khnaser spotlights the security, compliance, and governance issues that arise when enterprise users "consumerize" with shadow IT and public cloud...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Mac OS X White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!