“If your Apple device is running one of the following operating systems, you’re already (at least partially) protected against Meltdown attacks: macOS 10.13.2 or later; iOS 11.2 or later; tvOS 11.2 or later; watchOS,” Joshua Long writes for Intego. “It’s important to note that Apple often releases security-only updates for the two previous versions of macOS, in this case Sierra and El Capitan. However, Apple has not given any indication that updates for Sierra or El Capitan are forthcoming.”
“Thus, if you have an older version of macOS (or OS X), you’ll need to upgrade to macOS High Sierra version 10.13.2 or later to protect against Meltdown attacks,” Long writes. “Apple has indicated that macOS High Sierra version 10.13.3 is in the works and will include further protections against Meltdown attacks, so be sure to install it when it becomes available. According to Apple, “Apple Watch is not affected by either Meltdown or Spectre.””
“Is my Apple device safe from Spectre? In short: no, not yet (except for Apple Watch),” Long writes. “Until Apple and Google release patches, it’s probably safest to use Firefox 47.0.4 or later on your Mac, and avoid using Safari or Chrome for now. As for iOS devices (iPhone, iPad, and iPod touch), there doesn’t seem to be a safe alternative browser, so you’ll just have to wait patiently for Apple’s forthcoming update.”
Much more info in the full article – recommended – here.
MacDailyNews Take: The big question remains is how much performance negatively impacted by these software bandaids? For that, we wait for research from independent parties.
CERT: The only way to fix the Meltdown and Spectre vulnerabilities is to replace the CPU. Intel et al. are going to try to sell us on a software bandaid instead of really fixing the problem properly. Watch and see. https://t.co/OeC2AoPdlK #Intel #AMD #ARM
— MacDailyNews (@MacDailyNews) January 4, 2018
How Apple product users can protect themselves against Spectre and Meltdown CPU flaws – January 5, 2018
Apple: All Mac systems and iOS devices are affected by Meltdown and Spectre security flaws – January 4, 2018
ARM security update suggests some iPhones, iPads, iPods and Apple TVs may be affected by CPU bug – January 4, 2018
Intel’s CEO Brian Krzanich sold off the majority of his shares after finding out about the irreparable chip flaws – January 4, 2018
CERT: Only way to fix Meltdown and Spectre vulnerabilities is to replace CPU – January 4, 2018
Security flaws put nearly every modern computing device containing chips from Intel, AMD and ARM at risk – January 4, 2018
Apple has already partially implemented fix in macOS for ‘KPTI’ Intel CPU security flaw – January 3, 2018
Intel’s massive chip flaw could hit Mac where it hurts – January 3, 2018