The problem with not clearly articulating support policies is that they will inevitably leave some of your customers alienated and angry. Last week was a demonstration of this with Apple’s unspoken software update policies, which have been left in disarray.
Without Apple having the decency to inform them, many users realised that their Macs running Mojave are now unsupported. These include Mac Pro models from 2010 and 2012, which were sold until late 2013, many of which are still used in production, although some have been upgraded to Catalina thanks to an unsupported third-party patch. Anyone still relying on 32-bit software, thus unable to upgrade to Catalina yet, is also left in the lurch.
I had hoped that Apple would have chosen to prolong the period of security updates provided to Mojave, in view of its singular place as the last major version which still supports 32-bit software, and whose startup volume remains undivided into an APFS Volume Group. This was an opportunity to accommodate the many loyal Mac users whose key tools haven’t been updated, and who, for good reasons, can’t just run Mojave in a Virtual Machine.
Paradoxically, Apple has worsened the situation with the additional detail it now provides in its Security Release Notes. In the two latest Security Updates to Catalina, it has revealed that one vulnerability in Core Graphics and another in XNU are being actively exploited in malware. Anyone still having to use Mojave must now be wondering whether it too shares those vulnerabilities, but Apple won’t make any further comment, leaving those users dangling in insecurity.