It seems that the frequency of security updates to IOS and High Sierra has been unusually high lately. I also just applied my second update in a few days to MS Office on my iMac. Anyone else have that impression and/or know why?
iMac (21.5-inch, Late 2013), macOS High Sierra (10.13), BitDefender 3.3.10586
Well, the problems are multi-fold. In some cases, new vulnerabilities are discovered that resulted from recent security testing. In other cases, the vulnerabilities resulted from sloppy programming. Given the tens of thousands of lines of programming in an operating system, it's not too surprising that vulnerabilities might creep into the code when you aren't starting from scratch. If I recall correctly, none of the vulnerabilities were discovered in the wild. By that I mean they were discovered by security experts testing the code for problems. By the time the faults are made public Apple has plugged them up. They either issue a security update or they can push the solution to all computers/iDevices OTA if a restart isn't needed. Apple handles anti-malware the same way. That's why you don't really need to buy anti-malware software nor install it on your computer.
I have used Macs since 1988. A variety of other makes starting in 1981. I have owned more than 35 computers in that period time. I used Macs daily in my job. I have always followed good practice of the day and never have had a virus or malware find its way onto my machines. So far, so good as they say. During all that time I have also worked on Windows machines and Unix machines. Windows machines were never less vulnerable than Macs. Perhaps because OS X is basically Unix that may be why. Or perhaps Macs haven't had too many problems compared to Windows is because there aren't enough Macs in the workplace to attract the hackers. But that has changed because it's usually not the user's machine the hackers want but what the machine is networked to. The big stuff isn't on our computers but on the networks we use.
Well, the problems are multi-fold. In some cases, new vulnerabilities are discovered that resulted from recent security testing. In other cases, the vulnerabilities resulted from sloppy programming. Given the tens of thousands of lines of programming in an operating system, it's not too surprising that vulnerabilities might creep into the code when you aren't starting from scratch. If I recall correctly, none of the vulnerabilities were discovered in the wild. By that I mean they were discovered by security experts testing the code for problems. By the time the faults are made public Apple has plugged them up. They either issue a security update or they can push the solution to all computers/iDevices OTA if a restart isn't needed. Apple handles anti-malware the same way. That's why you don't really need to buy anti-malware software nor install it on your computer.
I have used Macs since 1988. A variety of other makes starting in 1981. I have owned more than 35 computers in that period time. I used Macs daily in my job. I have always followed good practice of the day and never have had a virus or malware find its way onto my machines. So far, so good as they say. During all that time I have also worked on Windows machines and Unix machines. Windows machines were never less vulnerable than Macs. Perhaps because OS X is basically Unix that may be why. Or perhaps Macs haven't had too many problems compared to Windows is because there aren't enough Macs in the workplace to attract the hackers. But that has changed because it's usually not the user's machine the hackers want but what the machine is networked to. The big stuff isn't on our computers but on the networks we use.
I know the reason is to fix recently discovered security vulnerabilities. My question is prompted by a higher normal than usual of vulnerabilities being discovered and addressed. I'm not complaining, I'm just curious. I'm a long time user of all things Apple and this latest spate of security updates seem significantly higher than usual.
There have been three security updates for High Sierra since October. The most recent two were on December 6th and November 29th. There have been six security update for IOS since October. The most recent two were on December 13th and December 2nd.
My source is Apple's list of Security Updates. Apple security updates - Apple Support
Kappy,
...Given the tens of thousands of lines of programming in an operating system,...
Think "Millions" of lines of code
Croshaven,
The iPhone has become a popular device for security researchers, and as time goes on, more and more iPhone specific security tools are becoming available for those security researchers to use, which means they can find more problems.
In some cases the security researchers report the flaw to Apple, and then keep quiet about it until after Apple does a regular point operating system update, so you get regular bug fixes, new features, and security fixes. Sometimes the flaw is so severe the update is immediate. And sometimes the security researchers DO NOT keep it to themselves, but rather go for the attention and release the knowledge to the press, and let Apple catch up. These are more likely to cause out-of-cycle updates.
The causes are bugs, or an unexpected path in the code that is working as designed, which the developers did not realize could be used that way. Bugs are much easier to deal with than path flaws, which may affect the design, which may affect the user interface, which may affect the user experience (some working feature had to be taken away because of the security implications).
Let's see now, two security updates for the year. Not so many. The reason is the need to fix recently discovered security openings that needed closing.
Have there been more iPhone and iMac security updates than usual lately?
