Most active commenters
  • chris_wot(3)
  • wannacboatmovie(3)

←back to thread

Apple Confirms Zero-Day Attacks Hitting macOS Systems

(www.securityweek.com)
262 points fortran77 | 13 comments | 20 Nov 24 00:26 UTC | HN request time: 0.84s | source | bottom
Show context
acdha ◴[20 Nov 24 00:43 UTC] No.42189685[source]
Interesting that they’re mentioned as only being exploited on Intel. Has anyone seen whether that’s because the attacker only targeted that platform or is it actually stopped by something like pointer protection?
replies(3): >>42189761 #>>42189809 #>>42189932 #
justinclift ◴[20 Nov 24 01:02 UTC] No.42189809[source]
Doesn't seem to completely line up that they're rushing out iOS updates (ie for phones, etc) for something they're saying they've only confirmed on Intel cpus.

Unless they're assuming it's exploitable on Apple Silicon as well, or are being extra careful just in case.

replies(7): >>42189876 #>>42189883 #>>42190175 #>>42190448 #>>42190733 #>>42190776 #>>42190850 #
2muchcoffeeman ◴[20 Nov 24 01:16 UTC] No.42189876[source]
There must be millions of Intel Macs still around. Why wouldn’t they update it?
replies(2): >>42189894 #>>42189940 #
wannacboatmovie ◴[20 Nov 24 01:26 UTC] No.42189940[source]
Well for starters, they stopped providing any updates for many perfectly functional Intel Macs years ago for no other reason than planned obsolescence. A side effect of the "they make both the hardware and software that's why it's better" paradigm.

Things like OpenCore Legacy Patcher prove it's possible; they just don't want to.

I don't think anyone feels entitled to new features in perpetuity. Security updates only would be fine thank you.

Don't tell me the richest company in the world can't pay for a couple of developers who just want to rest and vest to take care of and test the legacy platforms. A cushy job and you keep the customers happy.

Ironically the best way to stay safe on these computers is to install Windows or Linux.

replies(2): >>42190072 #>>42190100 #
1. threeseed ◴[20 Nov 24 01:51 UTC] No.42190100[source]
Sequoia is supported on most Intel Macs going back to 2018.

And it's far more than just a "couple of developers" to support older operating systems.

replies(4): >>42190136 #>>42190288 #>>42190415 #>>42190652 #
2. chris_wot ◴[20 Nov 24 01:55 UTC] No.42190136[source]
Not on Macbook Airs that are only 3-5 years old though. We have a number that we plan on replacing after EOY, but we are still using for now. Can't get Sequoia.
replies(3): >>42190167 #>>42190514 #>>42200877 #
3. password4321 ◴[20 Nov 24 01:59 UTC] No.42190167[source]
Not really suitable for a corporate environment but in case you weren't aware:

https://github.com/dortania/OpenCore-Legacy-Patcher

macOS Big Sur and newer on machines as old as 2007

macOS Big Sur, Monterey, Ventura, Sonoma and Sequoia

replies(1): >>42190310 #
4. fouc ◴[20 Nov 24 02:25 UTC] No.42190288[source]
my favorite Intel MacBook is from 2015
5. chris_wot ◴[20 Nov 24 02:29 UTC] No.42190310{3}[source]
Nice. Yeah, never going to fly here :( pity
6. wannacboatmovie ◴[20 Nov 24 02:49 UTC] No.42190415[source]
You act as if we should be thankful for 6 years of support when the hardware and sane support cycles easily exceed 10 years. And those aren't 6 years of security updates; they are 6 years of forced yearly feature upgrades and breaking things along the way.
replies(1): >>42190490 #
7. fn-mote ◴[20 Nov 24 03:06 UTC] No.42190490[source]
What software are you talking about?

Who is forcing you to upgrade?

For that matter, what hardware?

I run an old Intel Mac and it’s perfectly reasonable for casual work. I’m not paying for stuff like Adobe leases though.

replies(1): >>42192751 #
8. phony-account ◴[20 Nov 24 03:11 UTC] No.42190514[source]
> Macbook Airs that are only 3-5 years old

MacBook Airs from 2020 support Sequoia - so just the very upper limit of your range is relevant.

replies(1): >>42191696 #
9. brian_cunnie ◴[20 Nov 24 03:43 UTC] No.42190652[source]
Agreed. It takes more than a few developers to support older operating systems.

At my old job we supported only two versions of our software product, Tanzu Operations Manager versions 2.10.x and 3.0.y), and we cut new patch releases every few weeks (similar to Apple's cadence). Bumping dependencies was a pain. Well, usually it went fine, but sometimes you'd hit a gnarly incompatibility and you'd either pin a Ruby package to a known version or try to modify the code just enough to make it work without making a major change.

If I had to put a number to it, I'd say it cost us 2 developers to keep our older product line consistently patched, and our product was a modest Ruby app, much less complicated than an entire OS.

replies(1): >>42191831 #
10. wannacboatmovie ◴[20 Nov 24 07:59 UTC] No.42191696{3}[source]
Absolutely not. Apple was still selling non-Retina Intel MacBook Airs until 2019. Those are now completely unsupported with no security updates having topped out at Monterrey. 5 years of updates on a new laptop is borderline criminal.
11. justinclift ◴[20 Nov 24 08:28 UTC] No.42191831[source]
> new patch releases every few weeks (similar to Apple's cadence)

Is Apply really releasing new patched OS updates every few weeks?

12. vetinari ◴[20 Nov 24 11:07 UTC] No.42192751{3}[source]
What exactly is an old Intel mac and what is a casual work?

For example, I have 2015 macbook pro. The last macos release for it is Monterey. Even brew has problems with that, erroring out when installing packages like libpng and complaining, that I should upgrade xcode cli tools. Which I can't.

13. chris_wot ◴[21 Nov 24 03:42 UTC] No.42200877[source]
I see the Mac fanboys aren't happy with my factual statement. I love Macs (won't use anything else) but I also live in reality.