Intel Says New Software Updates Make Computers 'Immune' to Meltdown and Spectre Vulnerabilities

intelIntel today announced that the firmware updates and software patches that are being released for its CPUs render Intel-based computer systems "immune" to both the Spectre and Meltdown exploits that were widely publicized this week.

Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems -- including personal computers and servers -- that render those systems immune from both exploits (referred to as "Spectre" and "Meltdown") reported by Google Project Zero. Intel and its partners have made significant progress in deploying updates as both software patches and firmware updates.

Intel says updates have been issued for the majority of Intel processor products introduced within the past five years, and by the end of next week, more than 90 percent of processor products from the last five years will be patched.

For Mac users, Apple has already addressed some of the vulnerabilities in the macOS High Sierra 10.13.2 update, and further updates will come in macOS High Sierra 10.13.3. To make sure you're protected as a Mac user, install all of the latest operating system updates and firmware patches. As always, it's also worth avoiding suspicious programs, websites, and links.

Intel today also reiterated that the updates that are being released for Mac, PC, and Linux machines should not significantly impact day to day usage and should, for the most part, be unnoticeable. That seems to be true of the macOS High Sierra 10.13.2 update, as there have been no reports of slowdowns from Mac users.

Intel continues to believe that the performance impact of these updates is highly workload-dependent and, for the average computer user, should not be significant and will be mitigated over time. While on some discrete workloads the performance impact from the software updates may initially be higher, additional post-deployment identification, testing and improvement of the software updates should mitigate that impact.

While hints of an Intel CPU design flaw and security vulnerability surfaced on Tuesday, it wasn't until Wednesday that full details were shared on the Meltdown and Spectre exploits, which take advantage of the speculative execution mechanism of a CPU.

Meltdown impacts Intel CPUs, allowing a malicious program to access data from the memory of running apps, providing passwords, emails, documents, photos, and more. Meltdown can be exploited to read the entire physical memory of a target machine, and it can be done through something as simple as a website. The vulnerability is particularly problematic for cloud-based services.

Spectre, which breaks the isolation between different applications, is a wider hardware-based problem impacting all modern Intel, ARM, and AMD processors. Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.

While patches are going out that appear to prevent the current known Meltdown and Spectre exploits, these speculative execution vulnerabilities will continue to be a problem for years to come, according to security researchers. Similar vulnerabilities will surface, and while performance impacts from software-based workarounds are minor, they're still present.

Paul Kocher, one of the security researchers who helped discover the flaws, told The New York Times that this will be a "festering problem over hardware life cycles." "It's not going to change tomorrow or the day after," he said. "It's going to take awhile."

Top Rated Comments

unashamedgeek Avatar
40 months ago

Getting blown into a much bigger deal than it is.

I think that is going to depend on your definition of a "big deal". I know this is going to be a big deal in my world of pen testing for some time to come as exploits get released. Being able to jump from ring 3 to ring 0 is the main goal once gaining a foothold on a system. Additionally, Mozilla has stated they have proven that a browser can be used to exploit these so if XSS can be used to pull memory contents, I'm going to have some fun engagements coming up.

EDIT: I forgot to even discuss the potential issues with host and guest systems. Popping a guest OS and being able to access memory on the host, now we're really talking full compromise.
Score: 11 Votes (Like | Disagree)
longofest Avatar
40 months ago

Intel today also reiterated that the updates that are being released for Mac, PC, and Linux machines should not significantly impact day to day usage and should, for the most part, be unnoticeable.

However, if you are running any kind of significant workload that access the kernel frequently, such as frequent I/O requests used in database applications, then the impact is actually quite severe. People have seen their cloud services go to crap as the providers apply the patches.

I get that most day to day users may not care about this on their desktops, but step back and think about this a minute. You have a potentially 20-30% CPU performance hit on the cloud. That means that in order to achieve the same performance this week as they did last week, cloud computing providers will have to bump their capacity by potentially 20-30%. Along with that comes more power demands which renewable sources may or may not be able to meet...

Some of you are saying "this is getting blown out of proportions." I say the impacts of this are just starting to be felt.
Score: 8 Votes (Like | Disagree)
jclo Avatar
40 months ago

I pretty sure that so far they have only worked to patch Meltdown. My system is up to date and the Spectre PoC released by Google still works on my MacBook Pro.

Another instance where I really wish Apple would provide us with some clarification and additional information.
Score: 5 Votes (Like | Disagree)
EdwardC Avatar
40 months ago

But then I would have to update to High Sierra..... What to do.......

https://support.apple.com/en-gb/HT208331

Possibly not.
Score: 4 Votes (Like | Disagree)
unashamedgeek Avatar
40 months ago

For Mac users, Apple has already addressed the vulnerabilities ('https://www.macrumors.com/2018/01/03/intel-design-flaw-fixed-macos-10-13-2/') in the macOS High Sierra 10.13.2 update, and further updates will come in macOS High Sierra 10.13.3.

I pretty sure that so far they have only worked to patch Meltdown. My system is up to date and the Spectre PoC released by Google still works on my MacBook Pro.
Score: 2 Votes (Like | Disagree)
coolfactor Avatar
40 months ago

But then I would have to update to High Sierra..... What to do.......

Is there something stopping you from updating to High Sierra? It works great.
[doublepost=1515110243][/doublepost]

Does this affect a Mac running Mavericks?

Yes.
[doublepost=1515110410][/doublepost]

I’m really curious to see some benchmarks of before and after. Gladly with this amount of people with too much free time on websites such as this I can be confident there will be plenty soon.

Benchmarks will be pretty non-informative, as benchmarking software tends to max out the CPU and therefore may over-exaggerate the effects that one would experience. It's been reported that the fixes are "barely noticeable" in day-to-day computing. Only very specific applications may run into a performance reduction, and likely not as noticeable as media wants us to believe.
[doublepost=1515110506][/doublepost]

What about people that don’t want to upgrade to 10.13? My 2013 MBP is still running El Cap. We’re these released in security updates??

Do yourself a favour. Update to 10.13 AND ensure you are using an SSL internally, and your four-year old computer will feel newer than new. Performance will be incredible.

Is there something keeping you on El Cap other than fear?
Score: 2 Votes (Like | Disagree)

Top Stories

cook cbs this morning

CBS This Morning: Apple to Make 'Big Announcement' Tomorrow Morning

Tuesday January 12, 2021 8:46 am PST by
CBS This Morning today shared a short clip of an upcoming interview with Apple CEO Tim Cook in which addressing last week's events at the U.S. Capitol, with Cook saying "it's key that people be held accountable for it." Following the clip, Gayle King of CBS noted that the interview with Cook was not specifically arranged to address the current controversy over Parler and other repercussions, ...
ipad pro 2021 mysmartprice cad

Allegedly Leaked 2021 iPad Pro CAD Images Suggest Few Design Changes

Tuesday January 12, 2021 3:38 am PST by
Tech blogs 91mobile and MySmartPrice on Tuesday posted a series of allegedly leaked factory CAD images of Apple's upcoming fifth-generation 11-inch iPad Pro. Rumors suggest Apple plans to announce two new iPad Pro models in both 11-inch and 12.9-inch versions, and today's images offer perhaps the clearest indication yet that Apple's next-generation iPad Pros will have minimal, if any,...
prototype iphone 12 pro

Prototype iPhone 12 Pro Shown Off in Photos

Wednesday January 13, 2021 3:39 pm PST by
Developer Giulio Zompetti, who often shows off prototype versions of Apple devices, today highlighted a prototype version of the iPhone 12 Pro. The iPhone 12 Pro is running an operating system called SwitchBoard, a nonUI version of the iOS 14 update that Apple uses internally. We've seen SwitchBoard on prototype devices before, as Apple uses it to test new features. Zompetti's prototype...
find my app safari post

Safari Allows Users to Enable Hidden 'Items' Tab in 'Find My' App Ahead of AirTags Launch

Wednesday January 13, 2021 5:45 am PST by
As seen in screenshots obtained by MacRumors in 2019, Apple's long-rumored AirTags items trackers are expected to be managed through the Find My app on iPhone, iPad, and Mac. Now, any user can get an early look at this tab. MacRumors reader David Chu today alerted us that the hidden "Items" tab in the Find My app can be enabled on an iPhone or iPad by typing in the link findmy://items in...
iphone x camera close

iOS 14.4 Will Introduce Warning on iPhones With Non-Genuine Cameras

Thursday January 14, 2021 8:07 am PST by
In the second beta of iOS 14.4 seeded to developers and public testers this week, MacRumors contributor Steve Moser has discovered code indicating that Apple will be introducing a new warning on iPhones that have had their camera repaired or replaced with aftermarket components rather than genuine Apple components. "Unable to verify this iPhone has a genuine Apple camera," the message will...
mac anti reflective coating issue

Apple's Anti-Reflective Coating Repair Program Still in Effect for Some MacBooks With New Mail-In Policy

Tuesday January 12, 2021 10:07 am PST by
In an internal memo obtained by MacRumors, Apple recently informed its network of Apple Authorized Service Providers that mail-in repair is now required for Mac notebooks with anti-reflective coating issues in the United States. The new policy went into effect January 4, 2021 and means that customers who take an eligible 12-inch MacBook or MacBook Pro exhibiting this issue to an Apple...
pioneer carplay wc5700nex

The Best Apple-Related Accessories at CES 2021

Wednesday January 13, 2021 1:16 pm PST by
CES 2021 is taking place digitally this year, and it hasn't been as exciting as in past years because many vendors have opted out. That said, some companies are still showing off some interesting Apple-related accessories that are coming out this year and that will be of interest to Mac, iPad, and iPhone users. Subscribe to the MacRumors YouTube channel for more videos. Pioneer Wireless...
Hue module dimmer switch

Philips Hue Announces New Wall Switch Module, Dimmer Switch, and Outdoor Light Bar

Thursday January 14, 2021 3:11 am PST by
Philips Hue has announced a new wireless dimmer switch module that lets Hue bridge owners directly control the smart lighting from their standard wall switches. The new Philips Hue wall switch module is the ideal addition to any Philips Hue set up. Installed behind existing light switches, it allows users to turn their existing switch into a smart switch and ensures their smart lighting is...
whatsapp wallpapers 1

WhatsApp Affirms User Privacy Following Backlash Over Data Sharing With Facebook

Tuesday January 12, 2021 6:39 am PST by
Following backlash after changing its terms and privacy policy to consolidate a significant amount of data sharing with Facebook, WhatsApp is now assuring users about the privacy measures built into its app. Last week, WhatsApp began informing users of updates to the app's terms of service and privacy policy. The updated agreements, which users must consent to in order to continue using...
apple racial equity justice initiative propel center render 01132021

Apple Launches New Nationwide Racial Equity and Justice Initiative Projects

Wednesday January 13, 2021 4:08 am PST by
Apple today announced a set of new projects as part of its $100 million Racial Equity and Justice Initiative (REJI) to help dismantle systemic barriers to opportunity and combat injustices faced by communities of color. Rendering of the Propel Center The projects include the Propel Center, a global innovation and learning hub for Historically Black Colleges and Universities (HBCUs), an Apple ...