Apple is separating the new smartphones into its usual low-cost versus high-cost categories, with big differences between the two models coming down to the camera, display, and battery life.
iOS 13 & watchOS 6 Now Available
Apple Addresses Meltdown and Spectre in macOS Sierra and OS X El Capitan With New Security Update
Along with macOS High Sierra 10.13.3, Apple this morning released two new security updates that are designed to address the Meltdown and Spectre vulnerabilities on machines that continue to run macOS Sierra and OS X El Capitan.
As outlined in Apple's security support document, Security Update 2018-001 available for macOS Sierra 10.12.6 and OS X El Capitan 10.11.6 offers several mitigations for both Meltdown and Spectre, along with fixes for other security issues, and the updates should be installed immediately.
Apple addressed the Meltdown and Spectre vulnerabilities in macOS High Sierra with the release of macOS High Sierra 10.13.2, but older machines were left unprotected. Apple initially said a prior security update included fixes for the two older operating systems, but that information was later retracted.
Spectre and Meltdown are two hardware-based vulnerabilities that impact nearly all modern processors. Apple in early January confirmed that all of its Mac and iOS devices were impacted, but Meltdown mitigations were introduced ahead of when the vulnerabilities came to light in iOS 11.2 and macOS 10.13.2, and Spectre was addressed through Safari updates in iOS 11.2.2 and a macOS 10.13.2 Supplemental Update.
Spectre and Meltdown take advantage of the speculative execution mechanism of a CPU. As these use hardware-based flaws, operating system manufacturers are required to implement software workarounds. These software workarounds can impact processor performance, but according to Apple, the Meltdown fix has no measurable performance reduction across several benchmarks.
The Spectre Safari mitigations have "no measurable impact" on Speedometer and ARES-6 tests, and an impact of less than 2.5% on the JetStream benchmark.
Many PCs with Intel processors have been facing serious issues following the installation of patches with fixes for Meltdown and Spectre, but these problems do not appear to impact Apple's machines.
As outlined in Apple's security support document, Security Update 2018-001 available for macOS Sierra 10.12.6 and OS X El Capitan 10.11.6 offers several mitigations for both Meltdown and Spectre, along with fixes for other security issues, and the updates should be installed immediately.
Apple addressed the Meltdown and Spectre vulnerabilities in macOS High Sierra with the release of macOS High Sierra 10.13.2, but older machines were left unprotected. Apple initially said a prior security update included fixes for the two older operating systems, but that information was later retracted.
Spectre and Meltdown are two hardware-based vulnerabilities that impact nearly all modern processors. Apple in early January confirmed that all of its Mac and iOS devices were impacted, but Meltdown mitigations were introduced ahead of when the vulnerabilities came to light in iOS 11.2 and macOS 10.13.2, and Spectre was addressed through Safari updates in iOS 11.2.2 and a macOS 10.13.2 Supplemental Update.
Spectre and Meltdown take advantage of the speculative execution mechanism of a CPU. As these use hardware-based flaws, operating system manufacturers are required to implement software workarounds. These software workarounds can impact processor performance, but according to Apple, the Meltdown fix has no measurable performance reduction across several benchmarks.
The Spectre Safari mitigations have "no measurable impact" on Speedometer and ARES-6 tests, and an impact of less than 2.5% on the JetStream benchmark.
Many PCs with Intel processors have been facing serious issues following the installation of patches with fixes for Meltdown and Spectre, but these problems do not appear to impact Apple's machines.
Tag: Meltdown-Spectre
[ 120 comments ]
Top Rated Comments
(View all)
22 months ago
I wonder how reliable Apple's patches are given that Linus Torvalds has condemned the patches ('https://lkml.org/lkml/2018/1/21/192') submitted to the linux kernel by Intel:
Linus is never one to mince words...
That's one thing I love about him. He loves Linux and he wants to make it the best system it can be. He doesn't bother with political correctness or being nice. If someone writes bad code, he lets them know, harshly. Everyone who works with him knows not to take things personally.
We need more people like that in QC and management positions at companies like Apple. Steve Jobs was much the same way.
22 months ago
So, no fixes for Yosemite...
Is it possible to just get El Capitan or Sierra instead of the useless High Sierra...?
https://support.apple.com/en-us/HT208202 (Sierra)
https://support.apple.com/en-us/HT206886 (El Capitan)
22 months ago
yay! :)
[doublepost=1516735640][/doublepost]
The impression I get is that Meltdown is fully patched, but Spectre represents a new class of attacks where no one even really knows how many different kinds of attacks are possible. This patch addresses the current known ones.
[doublepost=1516735640][/doublepost]
Do we know the % of Meltdown and Spectre bugs that are patched? Or is that impossible/difficult to determine?
The impression I get is that Meltdown is fully patched, but Spectre represents a new class of attacks where no one even really knows how many different kinds of attacks are possible. This patch addresses the current known ones.
22 months ago
I shouldn't really reply to someone that joined in October 2017 only to post criticism (not a single positive post).
However, I will point out that one could say all security measures are "half-hearted" in that they address an issue (or a group of them) when many others are either in the pipeline or about to be discovered.
If you cannot get to terms with this fact of computing life then perhaps you should give up computers altogether.
I hate to point out the obvious, but when I am not happy with a service provider I usually move to one that I perceive to be a better one. Have you considered this as an option?
Since when does being a forum member for a short period of time exclude my opinion? I've been in IT for 28 years. I started with Linux and I've been a Mac user for 7 years now. I'm heavily invested in them. Switching isn't A) cheap nor B) is my opinion not the source of the problem.
I am asking for Apple to just be more transparent. As an example, pick the last year of the OS release your running that isn't the current OS, then add up all of the discovered vulnerabilities in the following years and those are the holes you are running with. e.g. a 2015 OS has 540+ holes Apple will -never- fix. So patching spectre and meltdown isn't throwing anyone a bone.
https://www.cvedetails.com/product/15556/Apple-Iphone-Os.html?vendor_id=49
Cisco is not a perfect company but their EOL policy is transparent and certainly works better than Apples. They could learn something from them.
https://www.cisco.com/c/en/us/products/eos-eol-policy.html
Asking Apple to do better is not picking on them, I'm a very concerned customer. I had to dump a fully functional Mac mini because Apple stopped producing patches. That latest iMessage crash bug, not fixed in Sierra. I now have a new mac.
---
One last thing, I joined in October because of precisely this issue. I want to raise awareness so that Apple improves their response, not continue with it's current fog of a policy.
22 months ago
I wonder how reliable Apple's patches are given that Linus Torvalds has condemned the patches ('https://lkml.org/lkml/2018/1/21/192') submitted to the linux kernel by Intel:
Linus is never one to mince words...
the patches are COMPLETE AND UTTER GARBAGE.
And that's actually ignoring the much worse issue, namely that the whole hardware interface is literally mis-designed by morons.
Linus is never one to mince words...
22 months ago
i guess my ibook g4 will be left vulnerable...
Was it ever confirmed that PowerPC chips were at risk?[ Read All Comments ]
Burst Mode refers to when the camera on your iPhone captures a series of photos in rapid succession, at a rate of ten frames per second. It's a great way to shoot an action scene or an unexpected...
Apple's Portrait Mode has become a popular way of taking impressive shots using a depth-of-field effect known as bokeh, allowing iPhone users to shoot a photo that keeps the subject sharp with a...
Apple has redesigned the native Camera app on the iPhone 11 and iPhone 11 Pro to make space for the various additional shooting options available in its new flagship phones, and one particularly...
Apple's massive launch week has come to a close, with the iPhone 11, iPhone 11 Pro, iPhone 11 Pro Max, and Apple Watch Series 5 all debuting on Friday. And as if that wasn't enough, Thursday...
With the arrival of the iPhone 11, iPhone 11 Pro and iPhone 11 Pro Max, Apple has introduced an optional new camera feature in iOS 13 that's designed to allow you to correct the alignment of...
For this week's giveaway, we've teamed up with AnyTrans to offer MacRumors readers a chance to win one of Apple's new iPhone 11 Pro Max devices and a lifetime AnyTrans license.
For...
Due to Apple seeding the iOS 13.1 beta prior to the public release of iOS 13, upgrading to a new iPhone may be a bit trickier this year.
In a support document, Apple has provided instructions...
Apple today the golden master version of an upcoming tvOS 13 update to developers, one week after seeding the eleventh beta and more than three months after unveiling the tvOS 13 software at the...
