Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2

A serious design flaw and security vulnerability discovered in Intel CPUs has reportedly already been partially addressed by Apple in the recent macOS 10.13.2 update, which was released to the public on December 6.


According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from "multiple sources within Apple" that updates made in macOS 10.13.2 have mitigated "most" security concerns associated with the KPTI vulnerability.

Publicized yesterday, the design flaw in Intel chips allows normal user programs to see some of the contents of the protected kernel memory, potentially giving hackers and malicious programs access to sensitive information like passwords, login keys, and more.

Full details on the vulnerability continue to be unavailable and under embargo, so it's not yet clear just how serious it is, but fixing it involves isolating the kernel's memory from user processes using Kernel Page Table Isolation at the OS level. Implementing Kernel Page Table Isolation could cause a performance hit on some machines.

According to The Register, which first shared details on the vulnerability, Windows and Linux machines will see a 5 to 30 percent slowdown once a fix is in place. It appears Macs may not be hit as heavily, as no noticeable performance slowdowns have been reported since the launch of macOS 10.13.2.

Ionescu also says that performance drop on a system with PCID (Process-Context Identifiers), available on most modern Macs, is "minimal," so most users may not see an impact on day-to-day Mac usage.

Top Rated Comments

(View all)
Avatar
35 months ago
What about El Capitan and Sierra?
Score: 35 Votes (Like | Disagree)
Avatar
35 months ago
I'd still replace my battery just to be sure ;)
Score: 27 Votes (Like | Disagree)
Avatar
35 months ago

Erm...no, 10.13.2 has been out for quite a bit, almost a month ago.

Might have even been in earlier beta's as well.

So quick that it happened in the past! I like this new time-bending Apple.
Score: 13 Votes (Like | Disagree)
Avatar
35 months ago
Anyone know if this applies to security-patches for Sierra / El Capitan?
Score: 10 Votes (Like | Disagree)
Avatar
35 months ago
For anyone interested, using the Potts-Kant benchmarks on the latest releases of both concurrent versions of Mac OS -

We're running benchmark processes concurrently with PCID disabled, employing supplementary reservoir matching sequences throughout our lab here at Duke.

The testing has just begun - so I'll be posting the results here in about an hour, for anyone interested in how their machines might be affected.

Students have been instructed to take the machines through a variety of real world tests -

So we'll be posting that, as well as the conclusive results provided by our benchmark studies - to hopefully help clear the air and provide a more balanced issuance of the possible affections of data-protected kernel-modeling architecture implications.
Score: 9 Votes (Like | Disagree)
Avatar
35 months ago

What do we make of this really? I think someone should do a comparative test on handbrake or anything that solely uses CPU and only then we can tell the difference between 10.13.2 and any previous versions of macOS

This has nothing to do with CPU utilization. Rather, you will see a performance penalty when an applications makes system calls, such as to files or network access. Essentially it occurs when ring 3 needs to access something at the more privileged ring 0.
Score: 8 Votes (Like | Disagree)

Top Stories

Here's How You Can Download iOS 14 and iPadOS 14 Around the World [It's Out]

Wednesday September 16, 2020 2:36 am PDT by
Apple's official public release of iOS 14 and iPadOS 14 dropped on Wednesday, September 16, just a day after the company released the Golden Master to third-party developers. Also set to be made available to the general public for the first time are watchOS 7 and tvOS 14. Getting Started With iOS 14 Video Click image to watch iOS 14 Getting Started While that's left a lot of developers...

When Will the iPhone 12 Launch? Here's What We Know

Wednesday September 16, 2020 6:12 am PDT by
Yesterday's "Time Flies" Apple event saw the release of the Apple Watch Series 6, Apple Watch SE, iPad 8, and iPad Air 4, but no new iPhone models. Rumors before the event strongly alleged that it would not see the unveiling of new iPhones, with many reports pointing to an October launch. The lack of new iPhone models yesterday seems to confirm that the iPhone 12 lineup will not appear...

Apple Releases iOS 14 and iPadOS 14 With Home Screen Redesign, App Library, Compact UI, Translate App, Scribble Support, App Clips, and More

Wednesday September 16, 2020 12:48 pm PDT by
Apple has released iOS 14 and iPadOS 14, the newest operating system updates designed for the iPhone and iPad. As with all of Apple's software updates, iOS 14 and iPadOS 14 can be downloaded for free. iOS 14 is available on the iPhone 6s and later, while iPadOS 14 is available on the iPad Air 2 and later. The updates are available on all eligible devices over-the-air in the Settings app. To ...

Apple Releases Safari 14 for Mac Ahead of macOS Big Sur Launch

Wednesday September 16, 2020 1:40 pm PDT by
macOS Big Sur didn't launch alongside iOS 14, iPadOS 14, tvOS 14, and watchOS 7 today, with the update coming later this fall, but Apple did release the Safari 14 update for macOS Catalina and macOS Mojave users. Safari 14 brings improved performance, customizable start pages, a Privacy Report to see which cross-site trackers are being blocked, and a new tab bar design that provides tab...

Apple Updates AirPods 2 and AirPods Pro Firmware to Version 3A283

Monday September 14, 2020 11:24 am PDT by
Apple today released new 3A283 firmware updates for the second-generation AirPods and the AirPods Pro. The second-generation AirPods are being updated from the 2D15 firmware they were previously running, while the AirPods Pros are being updated from the 2D27 firmware they had installed previously. Apple does not provide details on what's included in refreshed firmware so we don't know what's ...

Spotify Says Apple One Bundle Will Cause 'Irreparable Harm to Developer Community'

Tuesday September 15, 2020 12:26 pm PDT by
Apple today announced Apple One, a series of new subscription bundles that provide access to various Apple services at a combined monthly price. In response, Spotify sent out statements (via Peter Kafka) to the press decrying Apple's anti-competitive behavior and calling on "competition authorities" to stop Apple before it is able to cause "irreparable harm" to developers.Once again, Apple...

Apple Releases watchOS 7 With New Watch Faces, Family Setup, Sleep Tracking, Handwashing Help and More

Wednesday September 16, 2020 12:47 pm PDT by
Apple today released watchOS 7, the newest version of the watchOS operating system designed to run on modern Apple Watch models. The watchOS 7 update comes after several months of beta testing. ‌watchOS 7‌ can be downloaded for free through the dedicated Apple Watch app on the iPhone by going to General > Software Update. To install the new software, the Apple Watch needs to have at...

New AirPods Pro Firmware Introduces Spatial Audio Support and Automatic Switching

Monday September 14, 2020 12:22 pm PDT by
The new 3A283 firmware that Apple released for the AirPods Pro today appears to introduce support for Spatial Audio, a new feature coming to the higher-end AirPods with iOS 14. Multiple reports on Twitter and the MacRumors forums indicate that the firmware update adds a "Spatial Audio" option to the Control Center, which can be activated to enable the feature. Note that using Spatial Audio...

Here Are All of the New Apple Watch Faces Apple Announced Today

Tuesday September 15, 2020 2:55 pm PDT by
Apple today announced the Apple Watch Series 6 and the Apple Watch SE, both of which will be compatible with new watch faces that are being introduced in the watchOS 7 update set to be released tomorrow. Apple has provided a video highlighting all of the new Apple Watch faces, with details on each one. GMT - The GMT face shows multiple time zones at once, while also taking into...

iOS 14.2 Beta Adds New Shazam Music Recognition Feature for Control Center

Thursday September 17, 2020 3:36 pm PDT by
Apple today released the first beta of iOS 14.2 to developers for testing purposes, and the new update introduces a Music Recognition control for the Control Center. The new feature lets you discover music playing around you and it recognizes the music playing with in apps, even when you're wearing AirPods. Songs pop up as notifications, and you can tap to listen in Apple Music....