Old Apple operating systems receive periodic updates to patch security vulnerabilities, but Apple says only the latest OS updates are fully protected.
Older devices don't get comprehensive security updates
Apple hasn't been specific about its security update practices before. It was up to enterprising users and researchers to compare security patch notes and CVE numbers to determine what was patched where.
According to a new support document first covered by Ars Technica, Apple says that only the most recent operating systems have the most comprehensive security patches. In older systems, vulnerabilities are still patched, but not everything.
The support document's purpose is meant to define the difference between a software update and an upgrade, but information about security patches is included. It briefly mentions that older macOS versions aren't as protected as the most recent major release.
This news shouldn't be surprising to those who pay attention to the industry. Apple will patch serious issues in years-old operating systems, but not every patch is applied universally.
For the average user, the best way to stay protected from vulnerabilities is to use the latest hardware updated to the latest available software. But, not everyone always upgrades their OS right when the latest and greatest version launches.
There are a handful of reasons why someone might stick to older operating systems. As devices age, they lose the ability to run the latest software and are dropped from support for the new upgrade.
For devices that can run the latest software, users sometimes decide to wait for a stable release or for work-related apps to become compatible. Apple tends to release a handful of support updates to older systems even when the new OS has launched.
For example, Apple released iOS 15.7.1 with a range of security fixes and patches. However, the list of vulnerabilities covered by the update is smaller compared to iOS 16.1.