Apple Releases macOS High Sierra 10.13.2 Supplemental Update With Spectre Fix

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jan 8, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Apple today released a macOS High Sierra 10.13.2 supplemental update, which comes a little more than a month after the initial release of macOS High Sierra 10.13.2.

    macOS High Sierra 10.13.2 is a free update for all customers who have a compatible machine. The update can be downloaded using the Software Update function in the Mac App Store.

    [​IMG]

    macOS High Sierra 10.13.2 addresses the "Spectre" vulnerability that was publicized last week. Spectre, along with its sister vulnerability "Meltdown" are serious hardware-based exploits that take advantage of the speculative execution mechanism of a CPU, allowing hackers to gain access to sensitive information.

    While Meltdown was addressed in the initial macOS High Sierra 10.13.2 update, Apple said it would introduce a mitigation for Spectre in macOS and iOS early this week. There is no hardware fix for Spectre, so Apple is addressing the vulnerability using Safari-based software workarounds.

    There's also a Safari 11.0.2 update available for macOS Sierra 10.12.6 and OS X El Capitan 10.11.6 that is designed to mitigate the effects of the Spectre vulnerability. Customers running macOS Sierra and OS X El Capitan should download the new version of Safari to make sure their machines are protected.

    Article Link: Apple Releases macOS High Sierra 10.13.2 Supplemental Update With Spectre Fix
     
  2. Rudy69 macrumors 6502a

    Rudy69

    Joined:
    Mar 30, 2009
  3. randyhudson macrumors regular

    Joined:
    Oct 28, 2007
    Location:
    East Coast
  4. meaning-matters macrumors 6502

    meaning-matters

    Joined:
    Dec 13, 2013
    #4
    Nice to know it's a free update.
    When was the last paid upgrade?
     
  5. ruchern macrumors regular

    Joined:
    Jun 2, 2017
    Location:
    Singapore
    #5
    Years ago I think.
     
  6. justperry macrumors G3

    justperry

    Joined:
    Aug 10, 2007
    Location:
    In the core of a black hole.
  7. kemal macrumors 65816

    kemal

    Joined:
    Dec 21, 2001
    Location:
    Nebraska
  8. coolfactor macrumors 68040

    Joined:
    Jul 29, 2002
    Location:
    Vancouver, BC CANADA
    #8
    Yah, and other browsers are responsible for their own fixes.

    With browsers fixed, Spectre can’t be exploited via a web page.
     
  9. fairuz macrumors 65816

    fairuz

    Joined:
    Aug 27, 2017
    Location:
    San Francisco
    #9
    RIP branch prediction
     
  10. coolfactor macrumors 68040

    Joined:
    Jul 29, 2002
    Location:
    Vancouver, BC CANADA
    #10
    It’s likely addressed at the JavaScriptCore level, so system-wide.

    I also read that browsers were addressing the issue by removing a feature from JavaScript.
     
  11. CaTOAGU macrumors 6502a

    Joined:
    Jul 15, 2008
    Location:
    Manchester, UK
    #11
    Sigh mine seems to be stuck on the install screen
     
  12. thejadedmonkey macrumors 604

    thejadedmonkey

    Joined:
    May 28, 2005
    Location:
    Pennsylvania
    #12
    Any word on 10.12 for OS X? Some of us can't upgrade presently, despite being on supported hardware.
     
  13. chrfr macrumors 603

    Joined:
    Jul 11, 2009
    #13
    There's an update for Safari to mitigate Spectre but still no Meltdown update.
     
  14. bwintx macrumors 6502

    bwintx

    Joined:
    Jul 17, 2002
    #14
    2017 iMac 27" here with this update. Fine and dandy.
     
  15. Sheza macrumors 68000

    Sheza

    Joined:
    Aug 14, 2010
    Location:
    Croydon & London At The Same Time
    #15
    Lol I'm not getting High Sierra. PoS full of bugs and performance issues.
     
  16. RobertPS macrumors newbie

    Joined:
    Dec 3, 2010
    #16
    I had to install Safari 11.0.2 twice on OS X 10.12.6. The Update button was still active after the first update.
     
  17. blackdogaudio macrumors regular

    blackdogaudio

    Joined:
    Aug 17, 2016
    #17
    Leave it alone..the progress bar will finally give you a countdown during the last 18 minutes. Seems like it took 25 minutes or so to complete here.
     
  18. OldSchoolMacGuy macrumors 68040

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #18
    Benchmarks are going to be completely different depending on what you do.

    For most there will be almost no impact. For those that run lots of virtual machines, they will see the biggest impact.
     
  19. iosuser macrumors 6502a

    Joined:
    Mar 12, 2012
    #19
    Here's a benchmark on PC. I know this is an apple to orange comparison (pun fully intended), but might give you a bit of an idea as to the impact to performance. Gaming and geekbench performance pre and post updates (which included Windows only as well as Windows+firmware updates) are more or less within margin of error. The one big hit was to 512K write performance on the SSD. In everyday usage I probably won't notice any difference.

    https://www.techspot.com/article/1556-meltdown-and-spectre-cpu-performance-windows/
     
  20. OldSchoolMacGuy macrumors 68040

    OldSchoolMacGuy

    Joined:
    Jul 10, 2008
    #20
    Read the post. It says right in there.
     
  21. gnipgnop macrumors 65816

    Joined:
    Feb 18, 2009
    #21
    Sweet...upgraded to High Sierra just recently due to it already being partially patched.
     
  22. SecuritySteve macrumors 6502

    SecuritySteve

    Joined:
    Jul 6, 2017
    Location:
    California
    #22
    Interestingly ... this update appears to have updated the OS X kernel itself. Note the output of SW_VERS on the command line pre and post update:

    Pre:
    ProductName: Mac OS X
    ProductVersion: 10.13.2
    BuildVersion: 17C88
    Post:
    ProductName: Mac OS X
    ProductVersion: 10.13.2
    BuildVersion: 17C205

    Since this update was just to Safari / WebKit, you would think that the kernel wouldn't need an update, which makes me wonder what else they snuck in.
     
  23. Darmok N Jalad, Jan 8, 2018
    Last edited: Jan 8, 2018

    Darmok N Jalad macrumors 6502a

    Darmok N Jalad

    Joined:
    Sep 26, 2017
    Location:
    Tanagra
    #23
    I ran a few from 10.12.6 and 10.13.2 before this update. When I get a chance this evening I’ll update, run them again and post.

    Edit: Results
     
  24. Vashetti macrumors regular

    Vashetti

    Joined:
    Nov 17, 2015
  25. MLMcGrath1982 macrumors newbie

    MLMcGrath1982

    Joined:
    Aug 23, 2016
    #25
    I'm on 10.13.3 Beta (17D29a) so I hope this is also patched.
     

Share This Page