Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2

Discussion in 'MacRumors.com News Discussion' started by MacRumors, Jan 3, 2018.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    A serious design flaw and security vulnerability discovered in Intel CPUs has reportedly already been partially addressed by Apple in the recent macOS 10.13.2 update, which was released to the public on December 6.

    [​IMG]

    According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from "multiple sources within Apple" that updates made in macOS 10.13.2 have mitigated "most" security concerns associated with the KPTI vulnerability.

    Publicized yesterday, the design flaw in Intel chips allows normal user programs to see some of the contents of the protected kernel memory, potentially giving hackers and malicious programs access to sensitive information like passwords, login keys, and more.

    Full details on the vulnerability continue to be unavailable and under embargo, so it's not yet clear just how serious it is, but fixing it involves isolating the kernel's memory from user processes using Kernel Page Table Isolation at the OS level. Implementing Kernel Page Table Isolation could cause a performance hit on some machines.

    According to The Register, which first shared details on the vulnerability, Windows and Linux machines will see a 5 to 30 percent slowdown once a fix is in place. It appears Macs may not be hit as heavily, as no noticeable performance slowdowns have been reported since the launch of macOS 10.13.2.

    Ionescu also says that performance drop on a system with PCID (Process-Context Identifiers), available on most modern Macs, is "minimal," so most users may not see an impact on day-to-day Mac usage.

    Article Link: Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2
     
  2. tzm41 macrumors regular

    tzm41

    Joined:
    Jul 11, 2014
    Location:
    Boston, USA
  3. justperry macrumors G3

    justperry

    Joined:
    Aug 10, 2007
    Location:
    In the core of a black hole.
  4. MysteryMii215 macrumors regular

    MysteryMii215

    Joined:
    Jan 10, 2016
    Location:
    NYC area
  5. Rudy69 macrumors 6502a

    Rudy69

    Joined:
    Mar 30, 2009
    #5
    It will be interesting to see the benchmarks from 10.13.1 and 10.13.2/10.13.3 to see the real impact on performance
     
  6. radiology macrumors 6502

    radiology

    Joined:
    Feb 11, 2014
    Location:
    Westlake, OH
    #6
    I wonder what will be the downstream effect in the release of new chips and new Apple laptops and desktops. When should we expect to see a new MacBook Pro? is this the excuse Apple wanted to delay the release of Macs?
     
  7. justperry macrumors G3

    justperry

    Joined:
    Aug 10, 2007
    Location:
    In the core of a black hole.
    #7

    Erm...no, 10.13.2 has been out for quite a bit, almost a month ago.

    Might have even been in earlier beta's as well.
     
  8. pier macrumors 6502a

    pier

    Joined:
    Feb 7, 2009
  9. alex00100 macrumors 6502

    Joined:
    Mar 17, 2011
    Location:
    Moscow, Russia
  10. sublunar macrumors 6502a

    Joined:
    Jun 23, 2007
    #10
    Pre-Haswell CPUs will be hit worse apparently - that appears to include Ivy Bridge as used in 2012 Retina MacBook Pros, 2012 Mac Minis, and even - I think - the 2013 nMP.

    Another reason for Apple to quietly retire the nMP as soon as possible because future benchmarks could potentially not look good for it. Good thing they already released something in 10.13.2 and have more fixes coming in 10.13.3.
     
  11. noxivs macrumors newbie

    noxivs

    Joined:
    Sep 16, 2015
    Location:
    ist
    #11
    What do we make of this really? I think someone should do a comparative test on handbrake or anything that solely uses CPU and only then we can tell the difference between 10.13.2 and any previous versions of macOS
     
  12. RoobyRoobyRoo macrumors member

    Joined:
    Oct 3, 2016
    #12
    So quick that it happened in the past! I like this new time-bending Apple.
     
  13. Mike MA macrumors 68000

    Mike MA

    Joined:
    Sep 21, 2012
    #13
    In my opinion Apple is having some issue with transparency. Why not addressing fixes like this or actions like the battery management more openly? Many things might be good decisions or actions from a content perspective, but not well explained in the first place.
     
  14. SecuritySteve macrumors 6502

    SecuritySteve

    Joined:
    Jul 6, 2017
    Location:
    California
    #14
    Anyone know if this applies to security-patches for Sierra / El Capitan?
     
  15. justperry macrumors G3

    justperry

    Joined:
    Aug 10, 2007
    Location:
    In the core of a black hole.
    #15
    My MBP and Mac Mini are both 2012 models.
     
  16. Frederik on MacRumors macrumors member

    Frederik on MacRumors

    Joined:
    Oct 7, 2015
    Location:
    Germany
    #16
    What about my MacBook Pro mid 2009? Is it not affected?
     
  17. bbfc macrumors 68030

    bbfc

    Joined:
    Oct 22, 2011
    Location:
    Newcastle Great Park, England.
    #17
    I don't believe they could talk about this issue as its under an NDA.

    What I find even more less-transparent, is the fact that this issue is not mentioned on the Intel website, or if it is its buried deep. This should be the first thing you see! Not mentioned on any of their social media accounts too!
     
  18. Mascots macrumors 68000

    Mascots

    Joined:
    Sep 5, 2009
    #18
    Ah how nice to hear Apple is ahead of this one. Would be refreshing if this was a turn around of a pretty rocky 2017 as far as software hardness goes.
     
  19. Mike MA macrumors 68000

    Mike MA

    Joined:
    Sep 21, 2012
    #19
    We‘re on the same page here. I also emphasized the need on many of the decisions taken. Yet, some explanations could avoid a lot of discussions or controversy.
     
  20. Darmok N Jalad macrumors 65816

    Darmok N Jalad

    Joined:
    Sep 26, 2017
    Location:
    Tanagra
    #20
    I’m also curious how this affects Sierra. I’m currently on it to dual boot Windows with a non-EFI card, but I may just ditch the Windows partition for this one or try the HS upgrade without the APFS conversion.
     
  21. juanmj93 macrumors newbie

    juanmj93

    Joined:
    Jan 3, 2018
    #21
    Just saw some Linux benchmarks and some workloads that make lots of syscalls such as virtualization and compiling take a huge hit, while things like gaming are seemingly unaffected, I haven't felt any difference in my Macs, But I guess comprehensive benchmarking needs to be done given that it affects differently older processor families like Sandy and Ivy Bridge.
     
  22. juanmj93 macrumors newbie

    juanmj93

    Joined:
    Jan 3, 2018
    #23
    Has anyone noticed slowdowns in Xcode workflows for example?
     
  23. Double-Slit macrumors member

    Joined:
    Feb 8, 2016
    Location:
    The Netherlands
    #24
    Is this 'Intel-bug' security-update also implemented in macOS 10.11.6 (El Capitan) software-update?
     

Share This Page