“Apple just released iOS 11.2.2 with some Safari and WebKit improvements to mitigate the Spectre vulnerability,” Romain Dillet reports for TechCrunch. “macOS is also receiving an update. It’s a supplemental update to macOS High Sierra 10.13.2 and it includes the same fix.”
“As always, you should update your devices with the latest security patches. In this case, Meltdown and Spectre are serious vulnerabilities,” Dillet reports. “Meltdown was already addressed in previous updates. iOS 11.2, macOS 10.13.2 and tvOS 11.2 already included mitigations for Meltdown. Apple Watch chips aren’t affected by Meltdown.”
“Spectre isn’t as serious as it only breaks the isolation between multiple applications,” Dillet reports. “But it can be exploited using Javascript in a web browser.”
Read more in the full article here.
MacDailyNews Take: Update your Mac(s) and device(s) ASAP!
Now we wait to see how much performance negatively impacted by these software bandaids via research from independent parties.
CERT: The only way to fix the Meltdown and Spectre vulnerabilities is to replace the CPU. Intel et al. are going to try to sell us on a software bandaid instead of really fixing the problem properly. Watch and see. https://t.co/OeC2AoPdlK #Intel #AMD #ARM
— MacDailyNews (@MacDailyNews) January 4, 2018
SEE ALSO:
Meltdown and Spectre: What Apple users need to know – January 8, 2018
How Apple product users can protect themselves against Spectre and Meltdown CPU flaws – January 5, 2018
Apple: All Mac systems and iOS devices are affected by Meltdown and Spectre security flaws – January 4, 2018
ARM security update suggests some iPhones, iPads, iPods and Apple TVs may be affected by CPU bug – January 4, 2018
Intel’s CEO Brian Krzanich sold off the majority of his shares after finding out about the irreparable chip flaws – January 4, 2018
CERT: Only way to fix Meltdown and Spectre vulnerabilities is to replace CPU – January 4, 2018
Security flaws put nearly every modern computing device containing chips from Intel, AMD and ARM at risk – January 4, 2018
Apple has already partially implemented fix in macOS for ‘KPTI’ Intel CPU security flaw – January 3, 2018
Intel’s massive chip flaw could hit Mac where it hurts – January 3, 2018
Great job Apple, you scared people from wanting to upgrade their iOS device. What are you going to slow down with this update? The camera?
Moron. ^^
Technophobic?…
I’m running 3 security cameras on one monitor and surf the internet on another monitor connected to a Late 12 MacMini quad i7 16GB ram and I can’t detect any slowing after the update so far.
Yup, after the update my 12″ MacBook runs a bit slower. It’s OK but the performance hit is noticeable.
This is why they set the beta at 11.2.5, because they knew some needed out of band updates were critical, before beta testing was finished.
So if you don’t want to run High Sierra yet, your Mac stays vulnerable?
does not seem any slower to me!
Model Name: iMac
Model Identifier: iMac18,3
Processor Name: Intel Core i5
Processor Speed: 3.8 GHz
Number of Processors: 1
Total Number of Cores: 4
L2 Cache (per Core): 256 KB
L3 Cache: 6 MB
Memory: 24 GB
Well, yes and no.
Yes, it is vulnerable to any exploits that may be developed in the future (there is no malware in the wild yet).
No, it will not become vulnerable unless somebody who can program at the machine instruction level devotes a considerable amount of effort writing malware, knowing full well that it won’t work on any newer device, and you then download it to your Mac.
Meant as reply to Texas Apple Fan.
Apple needs to offer patches across 12 years of computers and mobile devices, just NOT across their current product and OS lineup
Twelve years? I do not agree at all. Apple did not create this problem and, even if Apple were responsible, it does not make any sense to waste resources delivering updates for dead OS versions running on obsolete hardware.
And I state this with the understanding that I have a 2007 iMac and a 2008 iMac – roughly a decade old. I do not expect Apple to develop and distribute security updates for those old systems. A cut-off of five years would seem more reasonable, and I would think that the vast majority of those computers and devices could run the latest version of macOS/iOS with the security mitigations already being deployed. For those with software incompatibilities, perhaps Apple could reach back a couple of versions in macOS to help out.
5 years is absolutely NOT acceptable for an Apple product, particularly a Mac. I think that a very large proportion of Macs are in use 8-10 years, and that is part of the reason people are willing to pay a premium for them.
Apple didn’t design this problem, Apple merely installed it in your device.
The update process froze on my 2017 MBP. Had to force a power down and restart it but all is now OK?. Did not change the release # from 10.13.2
I attempted to install this update and my 2010 27″ iMac is now apparently bricked. The screen powers up with thin green and orange vertical lines, the fan either screams or doesn’t run at all with each attempted reboot. I’ve tried to option-reboot to start from a bootable thumb drive, but no luck. It’s a bit of a heartbreak, honestly.
Water damage. That’s what they said to me on an iPhone…
Same situation, failed update.
Happy ending… $304 Class Action Check and phone worked with a jailbreak.
Water damage was sarcasm of course, but indeed the answer in my story.
I think I’ll wait to update my MBP 2010 thanks for the heads up.
I would actually rather take my chances with a security vulnerability for a couple more weeks than jump at a hastily put together OS update.
You are correct. Apple seems to be too late on delivery or too hasty. What a conundrum. Thanks, Tim.
RIP Snappy!
So you did the update? and your computer is slow now? what year and model, I’m holding off on this update I have an older MBP 2010 don’t want to fuck it up.
Definitely some effect on my 7 Plus. Normal usage is fine but I have noticed that some game animations aren’t quite as smooth. They’re not bad, just not as silky smooth as before.
Will be interesting to see if any developers change their apps to cater for the iOS patches.
Update: no noticeable effect on 2nd gen 12.9” iPad Pro
More likely that Apple will optimize the fixes with additional updates
MBP RD Mid 2015 16GB
under 10 min total
Flawless update