IE 11 is not supported. For an optimal experience visit our site on another browser.

Apple Issues Surprise Security Updates for Leopard Users

Apple has thrown a bone to Mac owners left unprotected against the Flashback malware family — but only some of those users will be getting help.
/ Source: SecurityNewsDaily

Apple has thrown a bone to Mac owners left unprotected against the Flashback malware family — but only some of those users will be getting help.

On Monday (May 14), Apple quietly released two security updates for Mac OS X 10.5 Leopard, a nearly five-year-old release that Apple had otherwise abandoned. (Apple generally supports only the two most recent OS X releases.)

The security updates remove and protect against the Flashback malware family on Leopard machines, and disable older versions of Adobe Flash Player. Similar updates had previously been released for Mac OS X 10.6 Snow Leopard and 10.7 Lion.

The catch is that only Intel-based Macs will get the Leopard security updates. Older Macs that have  PowerPC-based central processing units, which Apple sold until 2006, will still be out in the cold.

[ FAQ: The New Mac Virus and Apple Anti-Virus Options ]

However, it's not clear whether PowerPC Macs can be infected by the Flashback malware at all. The most prevalent route of infection is via a security flaw in Java, the application platform designed to run on any operating system, but the flaw may exist only in versions of Java never released for PowerPC Macs.

There are tens, and perhaps hundreds of thousands of perfectly working PowerPC Macs still being used, but they can't be upgraded to Snow Leopard or Lion because Apple never created PowerPC-compatible versions of those releases.

Leopard was still running on nearly 14 percent of Macs last month, according to the StatOwl website, which did not break those numbers down between Intel and PowerPC-based systems.

Apple has been widely criticized in recent weeks for its seemingly cavalier attitude toward security updates. The Java flaw that exposed Macs to the most successful variant of Flashback was discovered in January and patched on Windows and Linux machines in February, but Apple did not patch it on Macs until April, after an estimated 600,000 Macs had been infected.

By extending security support to older machines and operating systems, Apple is taking a page from the Microsoft handbook. Microsoft has been trying to wean millions of users from Windows XP, but plans to continue supporting the release with security updates until April 2014, more than 12 years after XP was first released.

Granted, at $30 each, Mac OS X upgrades are much less expensive than Windows upgrades, which start at $99.

With the increasing prevalence of malware targeting Macs, Apple may need to rely on Mac anti-virus software vendors to supplement its efforts, much as Microsoft does with the multi-billion Windows anti-virus software industry.

An email to Apple asking whether PowerPC-based Macs would also be patched against Flashback was not immediately returned.