macOS 11.6 Big Sur, iOS 14.8, iPadOS 14.8, watchOS 7.6.2, and Security Update 2021-005 Catalina Fix Security Flaws

Asking for a friend (and please don’t laugh), does this mean that anyone with an older operating system than Catalina is vulnerable to the Pegasus virus?

This is my question as well.

There are two possibilities:

  • The older operating systems are not vulnerable. Apple would have released a version for Mojave at least, since it’s still doing security updates that far back. And the company has released updates to iOS 12 for the same reason.

  • The updates for older operating systems may still be coming. It seems that Apple just learned about this zero-day, zero-click exploit and has been working around the clock to fix it. The current operating systems are by far the most important, so it’s possible we’ll see security updates for at least Mojave and iOS 12 in the next few days.

1 Like

Never mind, I got macOS 11.6 installed this morning. I should have guessed that everyone, their mothers, and other sentient beings were all trying to download at once.

1 Like

It’s a complete guess, but I would think that Apple would say the older operating systems are not vulnerable if that were the case.

Still a complete guess, but this seems more likely to me.

Yes, it appears that there are slightly different build numbers depending on what machine and OS you’re on. But I guess the real point is to trust Apple for this sort of update. Even though it looks like you’re updating 14.1.2 to 14.1.2, if software update says there’s a difference, assume there’s a difference.

That’s my guess as well, based on past security updates, where the Mojave (and earlier in cases there were ones for versions earlier than Mojave) update showed up a few days after the Catalina/Big Sur updates. It is a guess, but it would match what Apple has done in the past.

I’ll go ahead and update, and I guess see if more appears in the next few days. Thanks!

Updated devices. My iPhone 12 always defaults to “Do not disturb” no matter what I do.

My series 6 watch now displays a watch face that I have never set. When I set the watch face I have when the watch goes to sleep it again changes back to new default.

Anyone have a suggestion to correct?

With most Security Updates there are examples of older OS versions being left out and I don’t remember a single instance of Apple telling us whether it was because they were not vulnerable or just being ignored. In a few instances, an independent person will post that they have determined that an older OS is or is not vulnerable, but never Apple.

2 Likes

Agreed. I’m sure Apple doesn’t do this for security reasons. If they are ignoring the problem, they don’t want to alert the bad guys to that fact. And Apple never says anything about obsolete operating systems other than in support documents that become necessary for some reason.

Thanks for the correction. I’ll expect no comment.

1 Like

My practice for many years is to pin several apps to specific desktops on my Macs. In particular, I pin Apple Mail to Desktop 1 and Safari and Twitterrific to Desktop 2. I leave Desktop 3 as a bland slate and pin Music to Desktop 4. I also keep a few blank desktops after Desktop 4.

macOS 11.6 moved Apple Mail to Desktop 3 on my MacBook but left it in place on my iMac. Of course, it was easy to fix in Mission Control, but somewhat mystifying.

I found this article to be interesting. It explains why it took so long for Apple to fix the Pegasus hack by NSO.

Apple don’t have direct access to iMessages. They are truly encrypted from end to end. Thus, unless NSO attacked Tim Cook’s iPhone, they didn’t know the way the hack worked.

This timeline provides how quickly Apple turned this around.

  • March 2021: Citizen Lab examined an iPhone of a Saudi activist who thought they were hacked by NSO. Citizen Lab was able to obtain an iTunes backup of the iPhone.
  • September 7, 2021: Citizen Lab turned over the artifacts to Apple with their notes.
  • September 13, 2021: Apple issues patch.

The article is here.

1 Like

My elderly neighbor had to take her elderly iPhone into the local Apple store and have them assist her with the update. It took two hours. She says she was told there will be another iPhone update in a week or two and she will have to bring her phone in again when that pops up and fails.

Her issue is probably that her home computer is an elderly Windows box and her iPhone was too full and needed more gigabytes of free memory. But it’s a bit hard to figure out, they did not give her any written instructions she can follow at home, though she asked.

And this appears to have been the correct choice:

1 Like

Not completely true. The iOS 12 update did address older hardware, but the only macOS update was Security Update 2021-006 Catalina which addressed a different vulnerability apparently unrelated to Pegasus. There still has been no update for macOS Mojave and earlier.

And I’m curious about what will happen with Mojave, since Apple is still supporting it with security updates until Monterey ships.

Lots of us are watching to see if Mojave is still receiving Security Updates, but it’s not really clear that Apple has an obligation to provide them until Monterey release. Howard Oakley has already counted them out in his recent blog “How long does Apple support macOS?” which shows Mojave as having the shortest Security Update period in recent times.

I wouldn’t call Apple providing updates to older systems an “obligation”, but rather a convenience to users of those systems to safely continue using them. Obviously not something in their best business interests, so my expectations are low. 😡