Attention this weekend to the “water hole” attack on macOS and Apple’s response across the macOS platform. Part of macOS update (or any operating system) is to fix any weaknesses and address security concerns.
According to Andrew Cunningham, “News is circulating today, both through a report by Vice President and a post from the Google Threat Enforcement Group on MacOS Catalina, from a” well-founded “and” government-sponsored “group from targets visitors to pro-democracy websites in Hong Kong. “
Aside from the political implications of weakening, you need to discuss how Apple addressed this problem.
The normal advice is to keep your current operating system as low as possible, and Apple will continue to send “Updated Now” messages to Mac owners. Unfortunately, for Apple’s approach to security updates, this view is rather problematic.
Not everyone can update to the latest version of macOS. For these customers, Apple continues to release security updates for older applications, and the general view (although not confirmed) is that security updates will be offered for two more years after the application cannot be upgraded to a new operating system. .
Apple apparently made a bad decision. The above vulnerabilities were hidden in macOS Big Sur on February 1 of this year, but not simultaneously in MacOS Catalina. Security analyst Josh Long writes:
“This is the only secret for Catalina on September 23rd. Not mentioned: This is 234 days after #Apple patched the same thing [vulnerability] for Big Sur. Apple chooses the one that is random [vulnerabilities] They patch for dual adult macOS [versions] consumer risk. “
I am trying to see how Apple can reverse this significant delay in the security of its customers’ computers while saying it offers the most secure platforms possible.