Linked by Thom Holwerda on Tue 23rd Jan 2018 22:31 UTC
Mac OS X

Along with macOS High Sierra 10.13.3, Apple this morning released two new security updates that are designed to address the Meltdown and Spectre vulnerabilities on machines that continue to run macOS Sierra and OS X El Capitan.

As outlined in Apple's security support document, Security Update 2018-001 available for macOS Sierra 10.12.6 and OS X El Capitan 10.11.6 offers several mitigations for both Meltdown and Spectre, along with fixes for other security issues, and the updates should be installed immediately.

Together with last week's update, this means the last three major revisions of macOS are now protected from the processor bugs.

Order by: Score:
typo?
by gld59 on Tue 23rd Jan 2018 22:36 UTC
gld59
Member since:
2012-11-09

I assume that should read "now protected".

Reply Score: 2

RE: typo?
by kragil on Wed 24th Jan 2018 08:12 UTC in reply to "typo?"
kragil Member since:
2006-01-04

AFAIK there is no total protection against Spectre, only migitation.

Reply Score: 3

Comment by Alfman
by Alfman on Tue 23rd Jan 2018 23:25 UTC
Alfman
Member since:
2011-01-28

Thom Holwerda,

Together with last week's update, this means the last three major revisions of macOS are now protected from the processor bugs.


I think it's premature to say anyone is now protected from the processor bugs. For one thing, intel has publicly stated that it's patches are faulty and recommended they not be installed at this point in time.

https://newsroom.intel.com/news/root-cause-of-reboot-issue-identifie...


Also the code pattern used by spectre is relatively rare in C based kernels (and therefor easier to clean out), but I believe there could be potentially many variations on the spectre attack that will be more difficult to identify and mitigate.

One final point is that even if the kernel is fully protected, the spectre attack works across domains, so system daemons and other processes are potentially vulnerable even if the kernel itself is not.

Unfortunately there's no quick fix for this class of attack, short of disabling speculative execution entirely.

Edited 2018-01-23 23:33 UTC

Reply Score: 6

Update increased my boot time by 4 seconds
by mlankton on Tue 23rd Jan 2018 23:25 UTC
mlankton
Member since:
2009-06-11

Initially it more than doubled my boot time and I thought here we go back to the bad old days of 30+ second boots, but an nvram reset has it booting a mere 4 seconds slower than preupdate. Even so, if linux can manage 7 seconds why do I have to wait 16 on my iMac?

Reply Score: 2

forte555 Member since:
2009-06-16

Its very common that your bootup is slower first boot after a update but other then that the patch is only for Safari so that updating Safari would make your computer slower sounds very strange.. are you sure its not just placebo?

Edited 2018-01-24 08:18 UTC

Reply Score: 2

judgen Member since:
2006-07-12

High Sierra is slow by design. https://www.youtube.com/watch?v=Lr1rEdRgxVY

Reply Score: 0

user78
Member since:
2011-07-06

all unixes used C programming, but lately LINUX act so nervous, while that MICROSOFT still assuring users everything is fine in their end...besides...it has no effect on any BSD or FreeBSD so far...its older system code than newer alter fake UNIX aka LINUX BOX...

only way to make it work...the spectre bug has to latched on exe or windows system syscalls like svchosts ...while unix can't run exe or run win syscalls at all...so its recommended not update at all if using apple or bsd or even LINUX shouldn't jump the gun when they forget who they are really....i am not sure its a UNIX os or some fake type linus created....its a mess to me...their code base is litter with bugs all the time...

Edited 2018-01-27 02:38 UTC

Reply Score: 1