At some point in late 2011, Apple unofficially but officially (lol) adopted an N-1 policy of providing security updates to the current and previous Mac OS only. There was a minor update for 10.5 in early 2012 but not the full breadth of security updates that 10.6 and 10.7 were getting.

Until now that has still been the policy.

Earlier this week 10.9.2 came out. While the SSL bug did not affect 10.7 and 10.8 per se, these OS’es were still missing security updates that had been issued since Mavericks came out.

Apple released a security update for BOTH 10.7 and 10.8. So now the policy for updates has again shifted to N-2.

If you are stuck on Lion without possibility of upgrade, you have a 6 to 8 month reprieve. If that 10.7 machine was a secondary machine anyway –without a need for Mac specific features — you may want to consider a Chromebook or Chromebox — if the the $599 cost for a Mini or $999 cost for the MacBook Air 11 seem too overwhelming

I applaud Apple’s security updates for Lion. Though the white poly carbonate MacBook was taken off the consumer market in fall 2010 and replaced with the updated MacBook Air 11 at the $999 price point — it was still sold in education markets until mid 2011.

It would really STINK to tell someone – your 3 year old computer can no longer get security updates.

Reference – http://www.computerworld.com/s/article/9246609/Apple_retires_Snow_Leopard_from_support_leaves_1_in_5_Macs_vulnerable_to_attacks