Contribute
Register

Security of high sierra as of today

Joined
Jul 3, 2020
Messages
3
Motherboard
ASRock z370 pro4
CPU
i5-8600k
Graphics
gtx 1060
Mac
  1. MacBook Pro
Mobile Phone
  1. Android
Hey everybody,

I am currently stuck on high sierra (10.13.4) because of my nvidia GPU.
I am waiting for the next m1 device and was not planning on upgrading my hackintosh anymore.

However, the latest mac security patch 11.6 made me think.
What are the vulnerabilities I am facing with my current version?
I am using the system for software development as a self employed dev. Currently working in freelance projects with big clients.

Would you consider my current system unsafe? I guess, its not possible to patch the security vulnerabilities on 10.13.4 myself, right?
What other leaks does my current system have?

Thanks for your help!
 

Feartech

Moderator
Joined
Aug 3, 2013
Messages
24,237
Motherboard
Asus N752VX-OpenCore
CPU
i7-6700HQ / HM170
Graphics
HD 530 1920 x 1080
Mac
  1. iMac
Mobile Phone
  1. iOS
Hey everybody,

I am currently stuck on high sierra (10.13.4) because of my nvidia GPU.
I am waiting for the next m1 device and was not planning on upgrading my hackintosh anymore.

However, the latest mac security patch 11.6 made me think.
What are the vulnerabilities I am facing with my current version?
I am using the system for software development as a self employed dev. Currently working in freelance projects with big clients.

Would you consider my current system unsafe? I guess, its not possible to patch the security vulnerabilities on 10.13.4 myself, right?
What other leaks does my current system have?

Thanks for your help!
you can remove your nvidia, use your builtin intel graphics and update to Big Sur if needs be
 

UtterDisbelief

Moderator
Joined
Feb 13, 2012
Messages
6,781
Motherboard
Gigabyte Z490i Aorus Ultra - OC 0.6.8
CPU
i5-10600K
Graphics
GT 1030
Mac
  1. iMac
  2. Mac mini
Classic Mac
  1. eMac
  2. iBook
Mobile Phone
  1. Android
... Also note you can update to a later version of High Sierra 10.13.6 plus a Security Update from about a year ago now giving you build number: 17G14042.

Developing secure software need not be related to the system you are on but the code you are producing. If you think you are vulnerable to Viruses or Trojans then either don't connect your dev system to the Internet or do as @Feartech recommends and remove your GPU and use the iGPU instead. That way you can update macOS to the latest until you get the new machine.

:)
 
Joined
Jul 3, 2020
Messages
3
Motherboard
ASRock z370 pro4
CPU
i5-8600k
Graphics
gtx 1060
Mac
  1. MacBook Pro
Mobile Phone
  1. Android
Is the system usable without the dedicated GPU for dev work and browsing?
Any recommendations for a guide I can use to upgrade? :)
How big is the risk that the upgrade fails and destroys my system?

Is the upgrade to 10.13.6 a low-risk one?

I can not risk to shoot my production system right now since I have a lot of work to do :(

Is there any list of vulnerability fixes which came after 10.13.6?
The latest one afaik relates to opening unkown PDFs, so this is something I can just work around.
But I would need to see a full list of thinks I should be looking out for when staying on my old system :D

Thanks for your help! @UtterDisbelief and @Feartech

Edit: bonus question: are there good anti virus tools I could use to feel more secure on a high sierra system?
 

Feartech

Moderator
Joined
Aug 3, 2013
Messages
24,237
Motherboard
Asus N752VX-OpenCore
CPU
i7-6700HQ / HM170
Graphics
HD 530 1920 x 1080
Mac
  1. iMac
Mobile Phone
  1. iOS
Is the system usable without the dedicated GPU for dev work and browsing?
Any recommendations for a guide I can use to upgrade? :)
How big is the risk that the upgrade fails and destroys my system?

Is the upgrade to 10.13.6 a low-risk one?

I can not risk to shoot my production system right now since I have a lot of work to do :(

Is there any list of vulnerability fixes which came after 10.13.6?
The latest one afaik relates to opening unkown PDFs, so this is something I can just work around.
But I would need to see a full list of thinks I should be looking out for when staying on my old system :D

Thanks for your help! @UtterDisbelief and @Feartech

Edit: bonus question: are there good anti virus tools I could use to feel more secure on a high sierra system?
yes, there is always a risk in updating versions of macOS

you may want to consider migrating to opencore, use a usb stick to test this with to boot from to make sure it works

make sure all your kexts are updated as well

have a read up on:
https://dortania.github.io/OpenCore-Install-Guide/config.plist/coffee-lake.html

when you can create a usb stick that boots into your desktop, you should be good to copy the EFI from your USB stick to your main hard drive EFI
 
Joined
Mar 3, 2014
Messages
1,151
Motherboard
Gigabyte Z390 I AORUS PRO WIFI
CPU
i9-9900K
Graphics
RX 580
Mac
  1. MacBook Air
Classic Mac
  1. Power Mac
Not related to security, but if you do decide to update your 10.13.4 to 10.13.6 and keep your GTX 1060, be aware from this tonymacx86 web page that there are multiple build versions of 10.13.6. The nVidia driver version must match the build number you install, so be sure to get the right one from that page. (Usually the nVidia driver manager will warn you if the driver is wrong, but not always.) IMHO you should try to wind up with the latest build version of 10.13.6 you can (build 17G14042).
 
Top