Apple Addresses Meltdown and Spectre in macOS Sierra and OS X El Capitan With New Security Update

Along with macOS High Sierra 10.13.3, Apple this morning released two new security updates that are designed to address the Meltdown and Spectre vulnerabilities on machines that continue to run macOS Sierra and OS X El Capitan.

As outlined in Apple's security support document, Security Update 2018-001 available for macOS Sierra 10.12.6 and OS X El Capitan 10.11.6 offers several mitigations for both Meltdown and Spectre, along with fixes for other security issues, and the updates should be installed immediately.

meltdownspectre
Apple addressed the Meltdown and Spectre vulnerabilities in macOS High Sierra with the release of macOS High Sierra 10.13.2, but older machines were left unprotected. Apple initially said a prior security update included fixes for the two older operating systems, but that information was later retracted.

Spectre and Meltdown are two hardware-based vulnerabilities that impact nearly all modern processors. Apple in early January confirmed that all of its Mac and iOS devices were impacted, but Meltdown mitigations were introduced ahead of when the vulnerabilities came to light in iOS 11.2 and macOS 10.13.2, and Spectre was addressed through Safari updates in iOS 11.2.2 and a macOS 10.13.2 Supplemental Update.

Spectre and Meltdown take advantage of the speculative execution mechanism of a CPU. As these use hardware-based flaws, operating system manufacturers are required to implement software workarounds. These software workarounds can impact processor performance, but according to Apple, the Meltdown fix has no measurable performance reduction across several benchmarks.

The Spectre Safari mitigations have "no measurable impact" on Speedometer and ARES-6 tests, and an impact of less than 2.5% on the JetStream benchmark.

Many PCs with Intel processors have been facing serious issues following the installation of patches with fixes for Meltdown and Spectre, but these problems do not appear to impact Apple's machines.

Related Forum: macOS High Sierra

Top Rated Comments

nexu Avatar
80 months ago
Can we get the same for iOS 10?
Score: 12 Votes (Like | Disagree)
Paddle1 Avatar
80 months ago
How about iOS 9 or iOS 10? Lots of devices stuck there.
Score: 12 Votes (Like | Disagree)
zorinlynx Avatar
80 months ago
I wonder how reliable Apple's patches are given that Linus Torvalds has condemned the patches ('https://lkml.org/lkml/2018/1/21/192') submitted to the linux kernel by Intel:




Linus is never one to mince words...
That's one thing I love about him. He loves Linux and he wants to make it the best system it can be. He doesn't bother with political correctness or being nice. If someone writes bad code, he lets them know, harshly. Everyone who works with him knows not to take things personally.

We need more people like that in QC and management positions at companies like Apple. Steve Jobs was much the same way.
Score: 11 Votes (Like | Disagree)
vicviper789 Avatar
80 months ago
i guess my ibook g4 will be left vulnerable...
Score: 6 Votes (Like | Disagree)
lionel77 Avatar
80 months ago
So, no fixes for Yosemite...
Is it possible to just get El Capitan or Sierra instead of the useless High Sierra...?
Yes, fortunately you can still get those installers:
https://support.apple.com/en-us/HT208202 (Sierra)
https://support.apple.com/en-us/HT206886 (El Capitan)
Score: 6 Votes (Like | Disagree)
Dangermen Avatar
80 months ago
I shouldn't really reply to someone that joined in October 2017 only to post criticism (not a single positive post).
However, I will point out that one could say all security measures are "half-hearted" in that they address an issue (or a group of them) when many others are either in the pipeline or about to be discovered.
If you cannot get to terms with this fact of computing life then perhaps you should give up computers altogether.

I hate to point out the obvious, but when I am not happy with a service provider I usually move to one that I perceive to be a better one. Have you considered this as an option?
Since when does being a forum member for a short period of time exclude my opinion? I've been in IT for 28 years. I started with Linux and I've been a Mac user for 7 years now. I'm heavily invested in them. Switching isn't A) cheap nor B) is my opinion not the source of the problem.

I am asking for Apple to just be more transparent. As an example, pick the last year of the OS release your running that isn't the current OS, then add up all of the discovered vulnerabilities in the following years and those are the holes you are running with. e.g. a 2015 OS has 540+ holes Apple will -never- fix. So patching spectre and meltdown isn't throwing anyone a bone.
https://www.cvedetails.com/product/15556/Apple-Iphone-Os.html?vendor_id=49

Cisco is not a perfect company but their EOL policy is transparent and certainly works better than Apples. They could learn something from them.
https://www.cisco.com/c/en/us/products/eos-eol-policy.html

Asking Apple to do better is not picking on them, I'm a very concerned customer. I had to dump a fully functional Mac mini because Apple stopped producing patches. That latest iMessage crash bug, not fixed in Sierra. I now have a new mac.

---

One last thing, I joined in October because of precisely this issue. I want to raise awareness so that Apple improves their response, not continue with it's current fog of a policy.
Score: 5 Votes (Like | Disagree)

Popular Stories

Apple car wheel icon feature yellow

Apple Cancels Electric Car Project

Tuesday February 27, 2024 11:05 am PST by
Apple has canceled all plans to release an autonomous, electric vehicle, reports Bloomberg. Apple has been working on an Apple Car for more than a decade and invested millions of dollars into development before deciding it was not a viable project. Apple's Chief Operating Officer Jeff Williams today told approximately 2,000 employees working on the Apple Car that the project was canceled,...
iOS 18 Mock iPhone 16 Feature Gray

iOS 18 Rumored to Be Compatible With These iPhone Models

Tuesday February 27, 2024 6:31 am PST by
iOS 18 will be compatible with the iPhone XR, and thereby also the iPhone XS and iPhone XS Max models with the same A12 Bionic chip, according to a post on X today from a private account with a proven track record of sharing build numbers for upcoming iOS updates. The post was spotted by MacRumors contributor Aaron Perris, and it has since been deleted. However, this was likely because the...
Google maps feaure

Google Maps Finally Rolls Out Glanceable Directions

Wednesday February 28, 2024 2:07 am PST by
After more than a year since announcing the feature, Google Maps is finally rolling out glanceable directions on Android and iOS (via Android Police). The feature allows users to view turn-by-turn directions and a live ETA directly from their device's lock screen – information that was previously only visible when a phone was unlocked. Glanceable directions also work on the app's route...
iPad Air 5

iPadOS 18 Rumored to Drop Support for These iPad Models

Tuesday February 27, 2024 6:55 am PST by
iPadOS 18 will drop support for iPad models equipped with the A10X Fusion chip, according to a post on X today from a private account with a proven track record of sharing build numbers for upcoming iOS and iPadOS updates. This means that iPadOS 18 would not be compatible with the first-generation 10.5-inch iPad Pro or the second-generation 12.9-inch iPad Pro models released in 2017. It...
iOS 17

iOS 17.4 Coming Soon With These New Features for Your iPhone

Monday February 26, 2024 6:08 am PST by
In a press release last month, Apple confirmed that iOS 17.4 will be released in March, and the update includes several new features and changes for the iPhone. Key new features in iOS 17.4 include major App Store changes in the EU, Apple Podcasts transcripts, and an iMessage security upgrade. The update also adds new emoji and includes preparations for the launch of next-generation CarPlay...
M3 MacBook Air Feature

New MacBook Air Models Launching Next Month: 5 Features to Expect

Wednesday February 28, 2024 1:50 am PST by
The existing 15-inch MacBook Air arrived in June 2023, which is not that long ago in terms of Mac update cycles. However, Apple released the current 13-inch ‌MacBook Air back in June 2022. It is now the oldest Mac in Apple's current crop, having not been updated in 600 days. But rumors suggest that is unlikely to be the case for much longer. According to Bloomberg's Mark Gurman, Apple has...
iOS 17

10 New Things Your iPhone Can Do in Next Month's iOS 17.4 Update

Tuesday February 27, 2024 8:18 am PST by
Apple will next month release iOS 17.4, its biggest iPhone software update of the year so far, featuring a number of features and changes that users have been anticipating for quite a while. Below, we've listed 10 new things that your iPhone will be able to do after you've installed the update, which is projected to arrive by March 7. When the day arrives, be sure to check Settings ➝...