Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2
A serious design flaw and security vulnerability discovered in Intel CPUs has reportedly already been partially addressed by Apple in the recent macOS 10.13.2 update, which was released to the public on December 6.
According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from "multiple sources within Apple" that updates made in macOS 10.13.2 have mitigated "most" security concerns associated with the KPTI vulnerability.
Publicized yesterday,
the design flaw in Intel chips allows normal user programs to see some of the contents of the protected kernel memory, potentially giving hackers and malicious programs access to sensitive information like passwords, login keys, and more.
Full details on the vulnerability continue to be unavailable and under embargo, so it's not yet clear just how serious it is, but fixing it involves isolating the kernel's memory from user processes using Kernel Page Table Isolation at the OS level. Implementing Kernel Page Table Isolation could cause a performance hit on some machines.
According to The Register, which first shared details on the vulnerability, Windows and Linux machines will see a 5 to 30 percent slowdown once a fix is in place. It appears Macs may not be hit as heavily, as no noticeable performance slowdowns have been reported since the launch of macOS 10.13.2.
Ionescu also says that performance drop on a system with PCID (Process-Context Identifiers), available on most modern Macs, is "minimal," so most users may not see an impact on day-to-day Mac usage.
Popular Stories
Game emulator apps have come and gone since Apple announced App Store support for them on April 5, but now popular game emulator Delta from developer Riley Testut is available for download. Testut is known as the developer behind GBA4iOS, an open-source emulator that was available for a brief time more than a decade ago. GBA4iOS led to Delta, an emulator that has been available outside of...
The first approved Nintendo Entertainment System (NES) emulator for the iPhone and iPad was made available on the App Store today following Apple's rule change. The emulator is called Bimmy, and it was developed by Tom Salvo. On the App Store, Bimmy is described as a tool for testing and playing public domain/"homebrew" games created for the NES, but the app allows you to load ROMs for any...
Last September, Apple's iPhone 15 Pro models debuted with a new customizable Action button, offering faster access to a handful of functions, as well as the ability to assign Shortcuts. Apple is poised to include the feature on all upcoming iPhone 16 models, so we asked iPhone 15 Pro users what their experience has been with the additional button so far. The Action button replaces the switch ...
A decade ago, developer Riley Testut released the GBA4iOS emulator for iOS, and since it was against the rules at the time, Apple put a stop to downloads. Emulators have been a violation of the App Store rules for years, but that changed on April 5 when Apple suddenly reversed course and said that it was allowing retro game emulators on the App Store. Subscribe to the MacRumors YouTube channel ...
iOS 18 is expected to be the "biggest" update in the iPhone's history. Below, we recap rumored features and changes for the iPhone. iOS 18 is rumored to include new generative AI features for Siri and many apps, and Apple plans to add RCS support to the Messages app for an improved texting experience between iPhones and Android devices. The update is also expected to introduce a more...
Top Rated Comments
We're running benchmark processes concurrently with PCID disabled, employing supplementary reservoir matching sequences throughout our lab here at Duke.
The testing has just begun - so I'll be posting the results here in about an hour, for anyone interested in how their machines might be affected.
Students have been instructed to take the machines through a variety of real world tests -
So we'll be posting that, as well as the conclusive results provided by our benchmark studies - to hopefully help clear the air and provide a more balanced issuance of the possible affections of data-protected kernel-modeling architecture implications.