Safari 5 and Snow Leopard Security Updates

[thundersteele]

Not exactly sure where to put this, so I put it in the general OSX section.

I was wondering if Apple was still issuing security updates for Safari 5 (5.1.7) and Snow Leopard in general.

I know that there are a number of security issues with Safari 6.0 that are being fixed with the 6.0.1 update (my workplace sends me security advisories about that kind of stuff). Similarly they recommend that I upgrade to 10.7.5 on my Lion machine.

What I am concerned about is whether those issues are also present in Safari 5 and/or Snow Leopard, and more general, whether I should upgrade all machines to at least Lion to get regular security updates.

Thanks


PS: Unfortunately the reason I am concerned is a phishing email that had just too much correct information... and I'm trying to figure out how that information was obtained.

 

[thundersteele]

Ok, turns out the too good phishing email was not a scam, but actually came from the bank.

I would still like to know if SL still gets security updates, or if the release of ML ended that?

 

[petisjioweelsha]

Generally, Apple only provides security updates for the current and one previous OS versions. So that would mean that 10.6 is now unsupported.

However, they did just release Security Update 2012-004 on September 19, 2012 specifically for 10.6, thus breaking the above policy. I'm not sure if this signals the beginning of a new policy or if it was just a one time thing.

The 2012-004 update patched a number of system vulnerabilities, but as far as I can tell, it did not address the Safari/Webkit issues that were fixed in Safari 6.0/6/1. Safari on Snow Leopard is still at 5.1.7 and Safari 6.x is only available for Lion and Mountain Lion.

So, what we seem to have now is a partially patched situation for Snow Leopard with Safari seemingly left unpatched.

 

[Mr. Retrofire]

...Safari seemingly left unpatched.

Use Firefox! ;-)