CIO Today HOME LATEST NEWS NEWSLETTERS SEARCH Search
  LATEST NEWS FOR SUNDAY FEBRUARY 26

Close Search Box
CIO Today
DATA SECURITY
Apple Stops Security Fixes for Snow Leopard Mac OS
Posted February 27, 2014
Apple Stops Security Fixes for Snow Leopard Mac OS
Next Story
EARLIER
Scandalous: U.K. Spies Target Yahoo Webcams
THIS STORY
Apple Stops Security Fixes for Snow Leopard Mac OS
Next Story
LATER
Identify Theft Tops FTC's Consumer Complaints in 2013
YOU ARE HERE:   HOME arrow DATA SECURITY arrow THIS STORY
NEWS OPS

By Jennifer LeClaire. Updated February 27, 2014 2:00PM

SHARE

ALSO SEE

Now that the security drama around the "gotofail" bug is behind Apple, headlines are trumpeting what could turn into another issue for the tech giant. Apple is no longer issuing updates for Mac OS X 10.6, also known as Snow Leopard.

Much like Microsoft is ending free support for Windows XP and urging customers to upgrade, Apple will no longer send out software fixes that keep users safe from cyber criminals and malware.

Apple released the Snow Leopard operating system in 2009. Like Windows XP, the OS X version remains popular with Mac users. According to Net Applications, 19 percent of Mac computers still run Snow Leopard.

You Can Upgrade Free

For those still running Snow Leopard, the company offers a free upgrade to OS X Mavericks, the latest version of its Mac operating system, on its Web site. Mavericks is the first operating system upgrade Apple has made available for free.

Snow Leopard has remained popular despite the free-upgrade offer. There are several possible reasons Mac users have held on, including early bugs and consumer unhappiness with changes in Mavericks; also, Snow Leopard was the last version of OS X able to run applications designed for the PowerPC processor, the CPU used by Apple before it switched to Intel processors in 2006.

Additionally, Snow Leopard was the last OS version able to run on Macs equipped with 32-bit Intel processors, making it impossible for owners of the older machines to upgrade beyond OS X 10.6.

Apple as a rule does not announce when it ends support for older OSes, but simply stops issuing security fixes for them. That is the case with Snow Leopard, as its latest fix issued Tuesday, which addresses more than 21 security vulnerabilities, was not available in a version for Snow Leopard.

Fixing the Failure

Apple's fix Tuesday addressed a critical SSL flaw for Mac computers to protect users' personal information from being stolen by hackers. The "gotofail" flaw could open a door for hackers to access a victim's communications, including FaceTime video chats, e-mail addresses and address book appointments, and even Find My Mac tracking information.

The security update, OS X version 10.9.2, fixes the flaw in OS X Mavericks as well as the older Mountain Lion.

"The bug was caused by a line of C code that says 'goto fail,' which was a self-descriptive irony too amusing to ignore," writes Sophos security analyst Paul Ducklin in a blog post. "So the bug quickly became known as the 'gotofail,' or even the 'double-goto-fail.' (The error was that the line appeared twice instead of once.)"

Tell Us What You Think
Comment:

Name:

Jim Gilliss:
Posted: 2014-02-27 @ 3:45pm PT
I have tried twice to download the free upgrade, yet somehow my Apple ID and password do not match my current machine. E-mails to Apple go unanswered.

MORE IN DATA SECURITY

Next Article >

NETWORK SECURITY SPOTLIGHT
This Spotlight
Is Brought to You By:

INSIDE CIO TODAY NETWORK SITES SERVICES BENEFITS