It’s widely known that Apple supports Mac and other hardware for periods which are laid down in this Support document. As far as macOS goes, everyone will tell you that Apple supports the current version for about a year before it’s replaced by a new major release, then provides two years of security updates for it. The strange thing about that is Apple doesn’t seem to have committed that to writing, and I’ve searched long and hard for its official policy on many occasions. This article sets out what Apple has actually done over the last few years, from OS X Mavericks onwards.
To investigate this, I’ve used the update information which I publish in articles here, checked against those given in Mactracker for full release dates, and the detailed records of individual security updates given by Apple here.
For the sake of clarity, allow me to explain how macOS support currently works. Each year, around the autumn/fall, Apple releases a major new version of macOS. For the next year or so, until the following major version is released, Apple provides a series of 5-7 minor updates which contain a mixture of regular bug and security fixes. When the next major version is released, that previous version is normally supported for around two more years, during which it generally doesn’t get any regular bug fixes, but gets security updates which address many of the more significant vulnerabilities which are found in it. After that period of two years of security update support, Apple then normally provides no further updates to that version of macOS. From then on, the only support it receives are periodic updates to its security tools such as XProtect and MRT, which continue for as long as they remain compatible with that version of macOS. Currently, that extends back to El Capitan, if not before.
In broad terms, that is what has happened at least since Mavericks in 2013. The first release of OS X 10.9 Mavericks was on 22 October 2013, and its last release during its period of full maintenance was with OS X 10.9.5 on 17 September 2014, with OS X 10.10 Yosemite following on 16 October 2014. Apple then issued a series of security updates to 10.9.5 until 18 July 2016, when the last was released. The next round of security updates on 1 September 2016 didn’t include any for Mavericks, which effectively became unsupported.
For each major version of OS X or macOS released since 22 October 2013, I therefore give the period between its first release and its last release, which is the period of full maintenance support. From the end of that until the last security update is the period of security updates (only), and the total support period is that from first release to the last security update. These are given in the table below.
Of the eight major versions of macOS, only six received a whole years’ full maintenance, with the median and average being around 45-46 weeks. This is because the last minor update is usually about one month before the first release of the next major version. We’re all well aware that the last minor update to each major version of macOS doesn’t bring closure: it’s common for the last update to leave serious bugs which are only fixed in the next major release. In some cases, this may be due to requirements for more extensive changes in macOS.
One potential example of this was the Time Machine / DAS bug in Sierra, which was reported several months before the last minor update to Sierra but remained uncorrected until the first release of High Sierra. However, there are other bug fixes which could have been implemented earlier but appear to have been deliberately held over to the next major version. An example of that was adding volume version databases to Time Machine’s exclusion list, a bug left unfixed in Catalina, and only corrected in Big Sur.
The duration of security updates generally exceeds two years (104 weeks), with short periods on only two of six cycles (for Mavericks and Mojave). The median period is two years and ten weeks. As a result, the total support period, between first release and last security update, also exceeded three years in four of the six cycles, the only major versions falling short being Mavericks (by 7 weeks) and Mojave (by 9 weeks).
These figures also provide a good reason for Apple not formalising macOS support periods in the way that it does for hardware. Updates and security updates occur relatively infrequently, and at irregular intervals, ‘as required’. Specifying support periods by the calendar would impose a timetable which could result in some fixes being omitted, and others being deferred to later versions of macOS.
Over a period of eight years, Apple has followed what most believe to be its policy on macOS support: major versions enjoy full support for the year that they are the current release, then receive approximately two years of security updates. What is strangest of all – or would be for any other company – is that Apple never tells its customers when a minor update is the last before entering the security update period, nor when a major version of macOS is receiving its last security update. It’s almost as if it’s ashamed to admit such important information, including its software support policy.