Apple yesterday (Oct. 16) quietly patched the recently disclosed POODLE flaw in OS X 10.8 Mountain Lion and OS X 10.9 Mavericks, and also bundled in the patch for the Shellshock flaw, which had previously been released by itself.
At the same time, Apple appears to be dropping support for the three-year-old OS X 10.7 Lion, a predictable move as yesterday also saw the release of Apple's latest desktop OS, 10.10 Yosemite. It seems to consider Yosemite a security patch in and of itself; the Apple Security Updates pagelists Yosemite as available for "Mac OS X v10.6.8 [Snow Leopard] and later."
Users who upgrade to Yosemite will get fixes to more than 40 additional flaws, some of them severe, including a code-signing vulnerability, a QuickTime flaw, a Wi-Fi password bypass, a Bluetooth authentication flaw, about 10 kernel flaws and the weakness that let September's celebrity-selfie thieves brute-force PINs to iCloud accounts.
By giving users of Mountain Lion and Mavericks fixes for only the most widely publicized vulnerabilities, and users of Lion nothing at all, Apple clearly hopes to force users of older Macs to move up to Yosemite, which is a free download.
The system-requirement jump to Yosemite is less severe than with previous operating-system updates: Yosemite is theoretically able to run on any Mac that could run Mountain Lion, and even some that could run Snow Leopard, although the Handoff and Instant Hotspot features, for example, can't run on Macs made before 2012.
For a full list of compatibility requirements, check Apple's How to Upgrade page.
0 comments:
Post a Comment