Photo: Adam Turner
Why has Apple left Leopard users in the lurch?
Flashback has made plenty of headlines lately, and rightly so. It's not the first Mac security threat, but it's perhaps the most significant -- infecting more than half a million Macs at its peak via a Java exploit. Apple's tardiness in releasing a Java update has been partially blamed for Flashback's spread, considering Oracle patched the exploit in February but Apple didn't update Java for Mac OS until April.
What's perhaps more disturbing is that Apple is only helping Mac users running Mac OS 10.7 Lion and 10.6 Snow Leopard, issuing a Java update and Flashback removal tool. If you're running Mac OS 10.5 Leopard or earlier, which reportedly accounts for 20% of Macs, Apple's only advice is to upgrade your operating system. There's no Java update or Flashback removal tool, you're on your own.
That's pretty disappointing considering Apple only stopped shipping machines running Leopard three years ago. I know it doesn't cost much to upgrade, but that's not the point. Some of us might be quick to upgrade our computers when a new operating system comes along, but not everyone feels this way. Not everyone wants to tinker with their Mac if it's happily running Leopard, especially if they're not that tech-savvy and bought a Mac because it "just works". Such less-tech-savvy people are perhaps the most vulnerable to malicious software, yet Apple has left them out in the cold.
If this is Apple's way of "encouraging" people to upgrade, it's pretty shabby treatment. It's not as if Flashback attacks some fundamental flaw which can't be addressed in older versions of Mac OS. Leopard isn't broken, Apple just wants to wash its hands of it. Mac users are often quick to take the moral high ground, but even Microsoft tends to offer OS security support for longer.
If you're a Mac user still running Leopard or earlier, you'll find some advice regarding Flashback in today's paper. Is Flashback the final straw that will "encourage" you to upgrade to Lion?