Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

robodelfy

macrumors regular
Original poster
Jan 13, 2018
100
16
Hi

I have a 2012 MBP with Yosemite and its worked flawlessly for me for years, which is such a relief. I recently heard about these Spectre and Meltdown security issues and freaked out a bit. I do access important and delicate info online quite often.

It doesnt seem there is a patch for yosemite and apple says nothing about it. I also use adobe programs I paid for but am no longer supported in, and various music programs, so Im worried if I upgrade to High Sierra there will be problems. Im in the middle of various large projects now and cant risk messing them up

Other than that I have just heard so many bad things about High Sierra and people having problkem

Can anyone give me any advice?

Thanks
 

TonyK

macrumors 65816
May 24, 2009
1,032
148
Not sure Apple will patch older versions of macOS. I'm on Sierra and the only thing patched so far is Safari. :(

Can't go to High Sierra for personal/software reasons.

To be impacted by either Spector or Meltdown the user first has to download the package and install it.
 

Fishrrman

macrumors Penryn
Feb 20, 2009
29,175
13,223
I don't believe Yosemite will "get the patch".
But El Capitan did. And it's "not that far removed" from Yosemite.

Going up to El Cap (or even Low Sierra) might be a good move.
I would AVOID High Sierra for now -- just too many reports of problems, perhaps because of the new APFS file system.

The best tip you're ever going to get regarding upgrading:
BEFORE you do a major upgrade, download either CarbonCopyCloner or SuperDuper, and do a cloned backup of your "old installation" to an external drive.
That way, if you don't like things "once you get there", it's very easy to "get back to where you once belonged" (with the old OS).

If you DON'T do this, you can still "get back", but it's NOT going to be "easy".
 

BrittWentz

macrumors member
Nov 22, 2017
49
12
How does Low Sierra and even High Sierra do on a mid-2012 MBP? Looking into getting an SSD for mine and would do a clean install. I use a lot of Adobe Software as OP, and i've seen people running them perfectly on their 2017 MBP's with High Sierra, but i'm afraid i would lose my current files.

In case things go wrong, can i just pop in my HDD and let things be as they were? I'm currently running Mountain Lion and i'm too scared to upgrade because of my Adobe files. I was too scared to upgrade to Mavericks and 6 OS X updates later i'm stuck living in 2012!
 

robodelfy

macrumors regular
Original poster
Jan 13, 2018
100
16
Thanks

Yes I have read conflicting thoughts on how much risk we are actually at with Spectre and Meltdown. It seems there is no imminent threat, and i have read from others that you need download something to be affected. Can you explain exactly what you meant by that, as others have contested it? What situation would be a threat?

I planned to clone my ssd OS drive before trying any upgrades. But it sounds like right now there is nothing better about Sierra or El capitan, as you say only safari has been patched. I dont even use safari, I use chrome and have taken googles advice on keeping safe with that

Also, if I want to upgrade to El Capitan or Sierra, where do i find them, as they arent in my App Store, and I seem to only have the option for High Sierra

thank for all your help :)
 

MacGekko

macrumors 6502a
Mar 6, 2009
761
277
Not sure Apple will patch older versions of macOS. I'm on Sierra and the only thing patched so far is Safari. :(

Can't go to High Sierra for personal/software reasons.

To be impacted by either Spector or Meltdown the user first has to download the package and install it.

Are you certain about this, I thought I read a javascript could take advantage of this and simply by visiting a website you could get into trouble.

I'm in the same boat but have a recent Pro with SSD, on Yosemite, the issues with High Sierra have been mostly solved by the recent High Sierra updates. I don't really want to upgrade as it will force me to buy a new piece of software but Yosemite has been unsupported since September and it does not look like it will even get a Safari patch to address this.

I draw the line once an OS becomes unsupported, I wish Apple or a website would alert users when that occurs but such is life.

Previous poster: https://support.apple.com/en-us/HT208202

And vis a vis "no imminent threat", nobody can predict that, this security hole seems serious enough that I don't think people should leave it open.
 

TonyK

macrumors 65816
May 24, 2009
1,032
148
I don't believe Yosemite will "get the patch".
But El Capitan did. And it's "not that far removed" from Yosemite.

Going up to El Cap (or even Low Sierra) might be a good move.
I would AVOID High Sierra for now -- just too many reports of problems, perhaps because of the new APFS file system.

The best tip you're ever going to get regarding upgrading:
BEFORE you do a major upgrade, download either CarbonCopyCloner or SuperDuper, and do a cloned backup of your "old installation" to an external drive.
That way, if you don't like things "once you get there", it's very easy to "get back to where you once belonged" (with the old OS).

If you DON'T do this, you can still "get back", but it's NOT going to be "easy".

In what way will Sierra be patched. So far all that has been seen has been for Safari. Otherwise Software Update shows no more updates.

Are you certain about this, I thought I read a javascript could take advantage of this and simply by visiting a website you could get into trouble.

I'm in the same boat but have a recent Pro with SSD, on Yosemite, the issues with High Sierra have been mostly solved by the recent High Sierra updates. I don't really want to upgrade as it will force me to buy a new piece of software but Yosemite has been unsupported since September and it does not look like it will even get a Safari patch to address this.

I draw the line once an OS becomes unsupported, I wish Apple or a website would alert users when that occurs but such is life.

Previous poster: https://support.apple.com/en-us/HT208202

And vis a vis "no imminent threat", nobody can predict that, this security hole seems serious enough that I don't think people should leave it open.

It depends on your level of protection. My system runs NoScript which prevents sites from sending me anything outside of standard HTML until I authorize it to.

Regarding JavaScript, there is only so much they can do. If they show a pop-up for the user to install software, the user still has to approve and install said software.

Yes there are criminals getting more sophisticated all the time. It is up to the user to rethink how they use the Internet and to be fully aware that someone, somewhere, is trying to still from them 24/7. A sad state of affairs but it is where we are in our lives and technology.

https://security.stackexchange.com/questions/32288/can-javascript-be-used-to-install-malware

and

https://security.stackexchange.com/...-how-does-it-work-and-how-can-it-be-mitigated

Update to add: This past week our Credit Union sent an email saying they were changing the URL in which they are accessed. Most customers/users will blindly just go to that address. In this day and age though, we need to question any changes. I called the CU up and asked them. They did confirm the email is real and also confirmed the new URL.

We cannot blindly think every email is legitimate and our financial institutions and other businesses need to re-think how they communicate changes like this to their customers.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.