Apple Confirms 'Meltdown' and 'Spectre' Vulnerabilities Impact All Macs and iOS Devices, Some Fixes Already Released [Updated]

by

Apple today confirmed that it has addressed the recent "Meltdown" vulnerability in previously released iOS 11.2, macOS 10.13.2, and tvOS 11.2 updates, with additional fixes coming to Safari in the near future to defend against the "Spectre" vulnerability.

12 inch macbook macbook pro duo
Apple has also confirmed that the two vulnerabilities affect all Mac and iOS devices. The company's full statement, available through a new support document covering Meltdown and Spectre, is below:

Security researchers have recently uncovered security issues known by two names, Meltdown and Spectre. These issues apply to all modern processors and affect nearly all computing devices and operating systems.

All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time. Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store.

Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown. In the coming days we plan to release mitigations in Safari to help defend against Spectre. We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.

Apple's statement does not make it clear if these vulnerabilities have been addressed in older versions of iOS and Mac, but for Macs, there were security updates for older versions of macOS released alongside macOS 10.13.2, so it's possible fixes are already available for Sierra and El Capitan.

News of the Spectre and Meltdown vulnerabilities first came to light this week, but Intel and major operating system vendors like Apple, Linux, and Microsoft have known about the issue for several months and worked to prepare a fix before the security flaws were publicly shared.

Spectre and Meltdown are serious vulnerabilities that take advantage of the speculative execution mechanism of a CPU. As these use hardware-based flaws, operating system manufacturers are required to implement software workarounds. These software workarounds can impact processor performance, but Intel has insisted most users will not see serious slowdowns. Apple also says that no measurable impact has been detected in macOS and iOS.

Apple released mitigations for Meltdown in iOS 11.2, macOS 10.13.2, and tvOS 11.2. watchOS did not require mitigation. Our testing with public benchmarks has shown that the changes in the December 2017 updates resulted in no measurable reduction in the performance of macOS and iOS as measured by the GeekBench 4 benchmark, or in common Web browsing benchmarks such as Speedometer, JetStream, and ARES-6.

The Meltdown vulnerability allows a malicious program to read kernel memory, accessing data like passwords, emails, documents, photos, and more. Meltdown can be exploited to read the entire physical memory of a target machine. The vulnerability is particularly problematic for cloud-based services.

Spectre, which covers two exploitation techniques, breaks the isolation between different applications. Apple says that while the Spectre vulnerability is difficult to exploit, it can be done using JavaScript in a web browser. Apple plans to release Safari updates for macOS and iOS to prevent Spectre-based exploits.

As with the Meltdown vulnerability, Apple says the upcoming Safari mitigations will have "no measurable impact" on Speedometer and ARES-6 tests, and an impact of less than 2.5% on the JetStream benchmark.

Apple says it will continue to test further mitigations for Spectre and will release them in future versions of iOS, macOS, tvOS, and watchOS.

Update: Apple has updated its Meltdown and Spectre support document to clarify that the Apple Watch is not affected by either vulnerability. Previously, Apple had only confirmed that the Apple Watch was unaffected by Meltdown.

Update 2: Apple has confirmed that fixes have also been released for macOS Sierra and OS X El Capitan in an updated security support document.

Update 3: The support document that confirmed the fixes for Sierra and El Capitan has been updated again to remove references to these two operating systems, so it remains unclear whether or not Meltdown fixes have been released for these two older operating systems.

Tag: Meltdown-Spectre

Popular Stories

Apple Shopping Event 2025

Apple Announces 2025 Black Friday Event, Here's What You Can Get

Thursday November 20, 2025 6:28 am PST by
Apple's annual four-day Black Friday through Cyber Monday shopping event is returning on Friday, November 28 through Monday, December 1 in many countries, including the United States, Canada, Australia, New Zealand, France, Germany, Italy, Spain, the United Kingdom, Belgium, the Netherlands, Sweden, Thailand, and others. During the shopping event, customers can get an Apple gift card with...
Read Full Article41 comments
iPhone 17 Pro Cosmic Orange

10 Reasons to Wait for Next Year's iPhone 18 Pro

Wednesday November 19, 2025 4:00 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article100 comments
iOS 26

Everything New in iOS 26.2 Beta 3

Monday November 17, 2025 3:20 pm PST by
Apple provided developers with the third beta of an upcoming iOS 26.2 update, and there are still new features that are being added with each beta that we get. We've rounded up all of the changes that Apple made in beta 3. AirDrop Apple added new AirDrop functionality, providing a way for two people to share files temporarily without having to add one another as contacts. iOS 26.2...
Read Full Article25 comments
applecare apple care banner

Apple Brings New AppleCare+ Options to India

Tuesday November 18, 2025 8:42 am PST by
Apple today announced an expansion of AppleCare+ coverage in India, with new options for monthly and annual plans, and the addition of Theft and Loss for iPhone for the first time. Options for monthly and annual AppleCare+ plans in India provide more choice and flexibility, allowing users to keep coverage for as long as they require. Apple's vice president of Worldwide iPhone Product...
Read Full Article6 comments
iOS 26

iOS 26.2 Adds These New Features to Your iPhone

Thursday November 20, 2025 10:50 am PST by
iOS 26.2 is currently in beta testing. The upcoming update includes a handful of new features and changes on the iPhone, including a new Liquid Glass slider for the Lock Screen's clock, offline lyrics for Apple Music, and more. In a recent press release, Apple confirmed that iOS 26.2 will be released to all users in December, but it did not provide a specific release date. Keep reading...
Read Full Article27 comments
ipad mini 7 feature red and blue

iPad Mini 8: Four Major New Features to Expect

Wednesday November 19, 2025 7:50 am PST by
Apple's eighth-generation iPad mini is highly likely to arrive next year, offering a significant refresh of the device with at least four major new features. OLED Display The next-generation version of the iPad mini could feature an OLED display, as part of Apple's plan to expand the display technology across many more of its devices. Apple's first OLED device was the Apple Watch in 2015, ...
Read Full Article67 comments
hikawa phone grip stand apple%402x

Apple Launches Second Limited-Edition iPhone Accessory in a Month

Friday November 21, 2025 3:53 am PST by
Apple has begun selling the Hikawa Phone Grip and Stand, a new limited-edition iPhone accessory designed with accessibility in mind. Designed by LA-based Bailey Hikawa to celebrate the 40th anniversary of accessibility at Apple, the grip uses magnets to securely snap onto any iPhone with MagSafe. Apple says it can be removed with ease, and doubles as a stand with two different viewing...
Read Full Article111 comments
iPhone 17 Pro and Air N1 Feature

iPhone 17 vs. iPhone 16 Wi-Fi Speeds: New Study Reveals the Winner

Tuesday November 18, 2025 10:53 am PST by
A new study has revealed that the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air achieve significantly faster average Wi-Fi speeds compared to the iPhone 16 series, thanks to Apple's custom-designed N1 chip. The study was conducted by Ookla, the company behind the popular Speedtest website and app. It said the results are based on global, crowdsourced Speedtest user data...
Read Full Article51 comments
macbook black friday

The Best Early Black Friday Mac Deals

Tuesday November 18, 2025 7:32 am PST by
We're getting closer to Black Friday, which lands next week on Friday, November 28. In the lead-up to the shopping holiday, we're tracking a few lowest-ever prices on Apple's most popular Macs, including the M4 MacBook Air and brand new M5 MacBook Pro. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment,...
Read Full Article1 comments
Apple Wallet ID Illinois

iPhone Driver's License Feature Launching in Illinois

Tuesday November 18, 2025 8:47 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Starting this Wednesday, November 19, the feature will be available to residents of Illinois. The announcement confirmed that the...
Read Full Article69 comments

Top Rated Comments

bradl Avatar
bradl
103 months ago
The question looming here is, will those MacOS patches be backported to Sierra down to Mavericks, or even if supported, Mountain Lion? We already know that previous versions of iOS and tvOS are not going to have this patch, so they're stuck.. but what of MacOS?

BL.
Score: 26 Votes (Like | Disagree)
OldSchoolMacGuy Avatar
OldSchoolMacGuy
103 months ago
That was quick. And yet there were still many crying "Why won't Apple be more open and talk about this!!!!"
Score: 22 Votes (Like | Disagree)
bradl Avatar
bradl
103 months ago
Does it only affect Intel processors?
Spectre affects all modern processors, including those designed by Intel, AMD and ARM, but Meltdown is currently thought only to affect Intel ('https://www.theguardian.com/technology/intel') chips manufactured since 1995, with the exception of the Itanium and Atom chips made before 2013.

https://www.theguardian.com/technology/2018/jan/04/meltdown-spectre-computer-processor-intel-security-flaws-explainer
Guess I'm busting back out my 486SX20 (without the math coprocessor), and dropping back to 32bit Linux and Windows 3.1.

Doom, Duke Nukem, and Leisure Suit Larry, here I come! :D :P

BL.
Score: 14 Votes (Like | Disagree)
OldSchoolMacGuy Avatar
OldSchoolMacGuy
103 months ago
Great to hear that there was some proactive action taken quickly against these vulnerabilities. And glad to see the flaws took the proper disclosure path rather than someone tweeting how to take advantage of the vulnerability for his/her 15 minutes of fame. ;)
Daniel Gruss, a information security researcher and post-doctoral fellow at Austria's Graz Technical University was the one that discovered Meltdown last year. Though now Google claims they too discovered it after that time. Seems like one of those, "Oh... uh.... yeah... we totally already knew about that but just didn't say anything. We're totally in the know.", on Google's part.
Score: 13 Votes (Like | Disagree)
SecuritySteve Avatar
SecuritySteve
103 months ago
The question looming here is, will those MacOS patches be backported to Sierra down to Mavericks, or even if supported, Mountain Lion? We already know that previous versions of iOS and tvOS are not going to have this patch, so they're stuck.. but what of MacOS?

BL.
Most likely the fixes will be back ported to Sierra and El Capitan alongside 10.13.3. It's not official policy, but Apple only releases security updates for the latest, and previous two OS's. Anything behind El Capitan is EOL by most software security scanners.
Score: 12 Votes (Like | Disagree)
JPack Avatar
JPack
103 months ago
Where are the Apple cheerleaders who were chastising Intel for this hardware flaw?

It's pretty clear Apple processors are affected as well. Where's chastising now for Apple?
Score: 11 Votes (Like | Disagree)
Read All Comments