I have an old (2015) iMac running OS 10.12.6. Because of hardware constraints (I think) I haven’t been able to update the OS for years now so am stuck with using 10.12.6.
Is my machine vulnerable to ForcedEntry? If so, is it possible to patch the vulnerability using such an old OS?
Thanks!
My parents asked me this same thing. My response was that I can’t say for sure, but most likely the answer is yes. There’s not much to do about it though since such an old version of macOS is not getting updates anymore. That said, it’s unclear how old of an OS version you have to go back to for the exploit to not work anymore.
Also, this is a highly-focused attack with apparent government backing so most normal people are not targets. That could mean while older Macs and iPhones are technically vulnerable, they may not be worth exploiting, but that’s just a supposition on my part. All the media attention has been solely focused on just the latest one or two versions of iOS and macOS as if nobody’s running anything older.
While I doubt it will be patched, the article linked in the OP makes it seem like it would be easy to mitigate. It says that the exploit is in the PDF parser for the computer.
If that’s the case, you could likely mitigate it by installing a third party PDF reader, and never open PDFs in anything else. Set it up as the default for PDFs, and maybe don’t open any PDFs directly from Safari.
You’d need to make sure the new PDF reader didn’t use Apple’s Coregraphics library, but I doubt, say, Adobe Reader would use that and not their own rendering library.
Yeah but these exploits have been PDFs masquerading as GIFs and coming through iMessage without any user interaction or notice. If that’s a different exploit that I’m thinking about I apologize, but the point is that it’s not so simple.
According to the site I use for such matters all 2015 iMacs can go to MacOS 11.x Big Sur, and all except one to 12.x Monterey.
True, but that’s a big jump. Catalina killed many older pieces of software and some people can’t upgrade the OS because of that.
Thanks all.
I tried a while ago to upgrade to 11.1 but it couldn’t be done (I think because of hardware problems or maybe not enough memory).
Maybe it’s time to splurge for a new machine.