Are old Macs still protected as long as we update to the latest security patch whenever available?

[hajime]

Hi, I am using my MacBook Pro 17" 2010. It is running macOS High Sierra Version 10.13.6. I recall that when I took out the old computer few weeks ago, a security patch was available and I updated it.

For how many years does Apple provide security updates for older Mac running older OS?

Am I correct that as long as I update to the latest security update, even my computer is running older OS such as 10.13.6, it is still protected against virus and other security risks? How often does Apple provide such security updates?

 

[TehFalcon]

Apple hasn't released a security update for High Sierra since November 2020. Whatever update you got was an old one that you just hasn't had installed yet.

So no, I wouldn't say its protected. Just be mindful of what you do, click, download, and install on the internet and you'll be fine.

Apple Generally only provides security updates for macOS for 2-3 years, except in rare cases where theres a severe widespread vulnerability.

 

[jazz1]

Apple hasn't released a security update for High Sierra since November 2020. Whatever update you got was an old one that you just hasn't had installed yet.

So no, I wouldn't say its protected. Just be mindful of what you do, click, download, and install on the internet and you'll be fine.

Apple Generally only provides security updates for macOS for 2-3 years, except in rare cases where theres a severe widespread vulnerability.

Good point, so would third party anti-malware fill the gap?

 

[hajime]

Apple hasn't released a security update for High Sierra since November 2020. Whatever update you got was an old one that you just hasn't had installed yet.

So no, I wouldn't say its protected. Just be mindful of what you do, click, download, and install on the internet and you'll be fine.

Apple Generally only provides security updates for macOS for 2-3 years, except in rare cases where theres a severe widespread vulnerability.

Thanks for mentioning that. It looks like it was a secret update for 2018! So I guess my computer is not protected.

About the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan - Apple Support (CA)

This document describes the security content of macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan.

support.apple.com

 

[hajime]

Good point, so would third party anti-malware fill the gap?

Which would be a good one? I used Intego over 10 years ago. Nothing happened. Not sure if it protected my Mac or just simply at that time, not many Mac users and less trouble for Mac.

When I took out this computer, it had a free version of Malwarebytes installed. When I updated the virus definition, it upgraded the software also and prompted me to pay.

 

[Juicy Box]

“Protected” might be misleading and may give a false sense of security.

Saying “more secured” would be more accurate.

If you would like a more secured device, I would use Firefox over Safari. Firefox is still supported on High Sierra, and still gets security updates.

 

[hajime]

So Apple gives OS upgrade to Macs of no longer than 5-6 years old? So given that we can't upgrade the hardware of Apple Silicon Mac nor bootcamp to Windows, basically life of Apple Silicon Macs is about that long and we need to buy a new computer from Apple every 5-6 years?

 

[Juicy Box]

So Apple gives OS upgrade to Macs of no longer than 5-6 years old?

Depending on what you call “upgrade”, it can be much longer.

Some macs had over 10 years of updates, such as the Late 2009 iMacs which has native High Sierra support which was last updated in 2020.

There are older Macs than 2009 that can run High Sierra using a patch.

 

[Juicy Box]

So given that we can't upgrade the hardware of Apple Silicon Mac nor bootcamp to Windows, basically life of Apple Silicon Macs is about that long and we need to buy a new computer from Apple every 5-6 years?

Unless something changes, the answer is no.

When your Mac is no longer supported with security updates (which Apple doesn't really ever say when that is), that doesn't automatically make your Mac a big security risk, and it definitely doesn't mean that your Mac is unusable. It just means that as time goes on, the security offered by the OS and built-in browser decreases.

Most security concerns for the general user can be mitigated by using a web browser hat still gets security updates.

 

[Juicy Box]

BTW, I have a lot of older Macs that are daily used. Most are on High Sierra most of the time (I have multiple OSs that I boot from on my computers), as it is a rock solid OS. I have my oldest daily used Mac, the 2006 Mac Pro 1,1, on El Capitan using the 32bit bootloader patch.

Actually, only one of my Macs is currently running a MacOS that still gets security updates from Apple, my M1 Mac Mini on Big Sur.

 

[Shh]

Good point, so would third party anti-malware fill the gap?

I highly recommend Malwarebytes: https://www.malwarebytes.com/mac

 

[Juicy Box]

Good point, so would third party anti-malware fill the gap?

I wouldn't recommend anyone not to use third party anti-malware SW, and that isn't the point of me posting what I am about to post, but I wanted to share my history with using anti-malware SW.

A very long time ago, maybe 15 years ago, I had my WoW account "hacked". I still don't know how it happened, but in retrospect, it was probably brute forced. I had a pretty weak PW at the time.

Anyways, I started to get paranoid that I had keyloggers, spyware, or something on my computer, and I got a SW that was recommended on the old MacLife forums that are now gone.

I did the scan, and got nothing. I did a daily scan on my Macs using this paid SW for years, and never got one hit. I tried a few other SW that was free, but still nothing.....

Until two years ago, the day I connected a cheap toddler digital camera that I got my little girl on Amazon to one of my Macs. I was still a little paranoid all those years later, and ran the anti-malware SW when I connect a new device to my Macs, and sure enough, I finally found some malware, two actually.

But was for Windows, and harmless to a Mac....

I still run the free stuff all the time on my Macs, just in case, but I no longer have it on a daily schedule like I used to after the WoW account being compromised.

 

[Siliconguy]

Depending on what you call “upgrade”, it can be much longer.

Some macs had over 10 years of updates, such as the Late 2009 iMacs which has native High Sierra support which was last updated in 2020.

There are older Macs than 2009 that can run High Sierra using a patch.

The 2012 Mac mini is still supported for a few minutes yet. Its upgrades stopped with Catalina and security updates for that are about to run out.

The 2014 Mini is still supported with Monterey, and so should have 2 more years of security updates.

Since the 2014 mini was sold until late 2018, it should be supported for Ventura as well, but Apple ended that level of support a year earlier.

 

[Jumpthesnark]

So Apple gives OS upgrade to Macs of no longer than 5-6 years old? So given that we can't upgrade the hardware of Apple Silicon Mac nor bootcamp to Windows, basically life of Apple Silicon Macs is about that long and we need to buy a new computer from Apple every 5-6 years?

Remember that these security updates are for more recent browsers and OS versions than you have, for a reason. There is probably not a lot of malware being written that's going to target a 12-year-old Mac running an OS that's four versions old.

Depending on the vulnerability, a new threat could affect you, but it's definitely not a slam dunk.

 

[ThomasJL]

Apple only supports three macOS generations at any given time: the current macOS and the two that preceded it.

 

[hajime]

Apple only supports three macOS generations at any given time: the current macOS and the two that preceded it.

So three, rather than 5-6 years?

 

[ThomasJL]

So three, rather than 5-6 years?

Yes, that’s correct. Since macOS is now on a yearly release schedule, each macOS is only supported for three years.

 

[Madhatter32]

So Apple gives OS upgrade to Macs of no longer than 5-6 years old? So given that we can't upgrade the hardware of Apple Silicon Mac nor bootcamp to Windows, basically life of Apple Silicon Macs is about that long and we need to buy a new computer from Apple every 5-6 years?

Bingo. It's called planned obsolescence. Apple unofficially supports the three most recent versions of MacOS, but the most recent will always be the most protected. To maintain a top security profile your practice should always be to make sure you are running the most recent OS. Short of that, you should make sure that the OS you are using is still receiving security updates -- which is generally good enough for the vast majority of users.

So, for example, my 2014 can operate Big Sur -- the most recent OS that device can run according to Apple. So, technically, it will still be protected until Big Sur no longer receives security updates which will probably be next year (fall 2023). That would give this device a security a life cycle of 9 years.

 

[singularity0993]

Good point, so would third party anti-malware fill the gap?

NO. Antimalware does not protect against vulnerabilities. It only protects you from malware that pretends to be legitimate software. The difference is that the latter disguise itself as good software so you would run it yourself, while most vulnerabilities provide a way for malware to execute without your consent (or even knowing).

Technically there is very few way to defend against a malware that is already executing on your computer, as it can usually find ways to gain higher privilege than your antivirus software ( google rootkit ) and hide itself perfectly. The only way to detect a malware that is already executing is to run an offline scan, where you use another computer to scan the storage of the infected computer (when it’s turned off). But even if you are able to remove the malware, it can still infect your computer using the same vulnerability again and again, until the vulnerability gets patched.

So antimalware definitely won’t be able to fill the gap, your best option would be to disconnect the vulnerable computer from the internet, making it impossible for hackers to exploit the vulnerability.

 

[Odessa]

You could still install linux on it, although I reckon it doesn't have all the nice apps macOS has, basics works. And it will have all the latest security patch. Could be a possibility for one machine where security matters more.

 

[loby]

People are concerned more so about security now a days and is a good way to get people paranoid and to buy new computers. Makes the industry move and more $

Yes, it is getting worse as the years go bye…but…we are still at the point that if we practice “basic common sense” protection measures, even “older” OS’s and devices are generally “safe”.

Just know if you go to “certain” websites or download software or apps from questionable websites, that can be potential problems (like porn sites, hack or pirated software and apps etc.). Websites that you would not want the general public to know that you go too would be a good indicator to be careful etc. or will be questionable.

General common or public accepted websites that are used by the general public are still hard to and are rarely hacked today still…. but the days are coming where fake IPs and websites will be easily done and probably security will be needed (but I think we still have some time before a virus or malware etc. can just “jump” on our devices.

But we are not there “yet”, so the general users are probably ok still if people “think” before doing…but thinking now is becoming a difficult thing and too much effort or energy for many now-a-days…

 

[AlixSPQR]

What about Gatekeeper? Is that updated in the background also on unsupported macs, or not?

 

[Bug-Creator]

So three, rather than 5-6 years?

Nope.

Age of your Mac when it gets dropped from new OS plus 2-3 years.

 

[MajorFubar]

So Apple gives OS upgrade to Macs of no longer than 5-6 years old? So given that we can't upgrade the hardware of Apple Silicon Mac nor bootcamp to Windows, basically life of Apple Silicon Macs is about that long and we need to buy a new computer from Apple every 5-6 years?

That's not what he said. He said the OS's receive updates for 2-3 years.
A new Mac can usually expect to be eligible to download the latest OS for 5-6 years from launch.
Then having downloaded the latest OS it can run, in your case High Sierra, you get 2-3 years after that of security and vulnerability updates to that OS. So about 8-9 years all-in.
That's pretty-much class-leading.

 

[Love-hate 🍏 relationship]

“Protected” might be misleading and may give a false sense of security.

Saying “more secured” would be more accurate.

If you would like a more secured device, I would use Firefox over Safari. Firefox is still supported on High Sierra, and still gets security updates.

Can't you use safari tech preview in order to get latest safari on previous macOS iteration?