Apple has produced a very stable, very secure operating system in OS X, but what happens when a new version comes out, like the recent OS X 10.3? According to an article at C|Net, OS X 10.2 users have been denied a security update, while users of the hot-off-the-presses version of the operating system were promptly given an update. The article also suggests that Apple may not be planning on offering much support for Jaguar, even on security issues that affect the OS. From C|Net:
On Tuesday, Apple released an advisory that indicate that the Mac OS X 10.3 upgrade--which adds an improved Finder menu, better synchronization of files and a tool to help users find a specific window on a crowded desktop--also includes more than a dozen "security enhancements."
However, Apple apparently doesnit intend to fix the flaws in previous versions of the software: Appleis Security Updates Web page doesnit list fixes for the flaws in Mac OS X 10.2 and earlier.
"It is not a friendly thing to tell your customers to shell out a lot of money to stay secure," said Thor Larholm, senior researcher for software security firm PivX Solutions. "It would be a dangerous precedent, if they did."
Apple declined comment.
You can read the full article at C|Netis Web site. Another article at eWeek has more details on the exact nature of the security holes, how they work, and how they can be taken advantage of by the bad guys.