
RandomDSdevel

macrumors regular
Jul 23, 2009
142
71
Kokomo, IN
Just really got into reading the news about this earlier today after seeing a headline or two on it recently. Confound it all, can't computers be cantankerous enough?!? And I'm still on 'El Capitan,' to boot. (Grumbles…) Please tell us you have a fix in the works for your older supported OS versions if you haven't sent us one already, Apple!
 

cmaier

Suspended
Jul 25, 2007
25,405
33,471
California
Just really got into reading the news about this earlier today after seeing a headline or two on it recently. Confound it all, can't computers be cantankerous enough?!? And I'm still on 'El Capitan,' to boot. (Grumbles…) Please tell us you have a fix in the works for your older supported OS versions if you haven't sent us one already, Apple!
That seems very unlikely.
 

Spectrum

macrumors 68000
Mar 23, 2005
1,799
1,112
Never quite sure
I believe it was patched. Check out the notes on the security patch 002 of June: https://support.apple.com/en-us/HT208331 scroll down to CPU, it notes about a memory leak in the kernel.
Indeed: I think this is now the correct bug fix reference: (It wasn't referenced there early yesterday)

Kernel

Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6

Impact: An application may be able to read kernel memory

Description: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

CVE-2017-5754: Jann Horn of Google Project Zero, Werner Haas and Thomas Prescher of Cyberus Technology GmbH, and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz from Graz University of Technology

Entry added January 4, 2018

---

It is nice to know that these made it into all three of the most recent OS releases. The other two bugs are still not patched though on any OS. Hopefully soon.
These are the 3 exploits that require patching:
  • CVE-2017-5754 (for "Meltdown")
  • CVE-2017-5753 and CVE-2017-5715 (for "Spectre")
 

RandomDSdevel

macrumors regular
Jul 23, 2009
142
71
Kokomo, IN
Indeed: I think this is now the correct bug fix reference: (It wasn't referenced there early yesterday)

Kernel

Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6

Impact: An application may be able to read kernel memory

Description: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

CVE-2017-5754: Jann Horn of Google Project Zero, Werner Haas and Thomas Prescher of Cyberus Technology GmbH, and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz from Graz University of Technology

Entry added January 4, 2018

---

It is nice to know that these made it into all three of the most recent OS releases. The other two bugs are still not patched though on any OS. Hopefully soon.
These are the 3 exploits that require patching:

Funny; looking there today, it says this:

Kernel

Available for: macOS High Sierra 10.13.1

Impact: An application may be able to read kernel memory (Meltdown)

Description: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

CVE-2017-5754: Jann Horn of Google Project Zero; Moritz Lipp of Graz University of Technology; Michael Schwarz of Graz University of Technology; Daniel Gruss of Graz University of Technology; Thomas Prescher of Cyberus Technology GmbH; Werner Haas of Cyberus Technology GmbH; Stefan Mangard of Graz University of Technology; Paul Kocher; Daniel Genkin of University of Pennsylvania and University of Maryland; Yuval Yarom of University of Adelaide and Data61; and Mike Hamburg of Rambus (Cryptography Research Division)

Entry updated January 5, 2018

Note that the 'Entry update' part has a newer date and that the 'Available for' line only mentions High Sierra again.
 

Spectrum

macrumors 68000
Mar 23, 2005
1,799
1,112
Never quite sure
So El Cap and Sierra remain unpatched then...?
It is odd (unusual from what I have read) that they didn't receive the same security update as High Sierra.
One of my Macs cannot update beyond El Cap, the others are on El Cap or Sierra, in part because High Sierra is not yet supported on our University IT system. I think there will be a lot of machines not yet on High Sierra.
 

RandomDSdevel

macrumors regular
Jul 23, 2009
142
71
Kokomo, IN
…One of my Macs cannot update beyond El Cap, …

Yeah, I'm currently stuck with booting my family's mid-2007 aluminum iMac (iMac7,1) from an external drive until I can scrounge up enough funds to buy a laptop (note that that Apple-History entry is out of date, as said device's maximum OS is actually 10.11.6; seems like the site hasn't been getting updates for the past couple of years, I'm sad to say.)
 

Spectrum

macrumors 68000
Mar 23, 2005
1,799
1,112
Never quite sure
Yeah, I'm currently stuck with booting my family's mid-2007 aluminum iMac (iMac7,1) from an external drive until I can scrounge up enough funds to buy a laptop (note that that Apple-History entry is out of date, as said device's maximum OS is actually 10.11.6; seems like the site hasn't been getting updates for the past couple of years, I'm sad to say.)
Everymac has the up-to-date information.
 

RandomDSdevel

macrumors regular
Jul 23, 2009
142
71
Kokomo, IN
Guess it's [—] Sierra, El Capitan, and Yosemite for Apple

Odds were Yosemite wouldn't get patched, as Apple only supports the previous two major OS versions before their latest one with security patches and updates to bundled software, AFAICR. Perhaps there's a kernel change introduced in High Sierra that made it easier to patch?
__________________________________________________________________________________________________________

Everymac has the up-to-date information.

Ours is actually this one, except it came with the BTO RAM and HDD options from the top model and we doubled the RAM again later, but cool, thanks!
__________________________________________________________________________________________________________

P. S.: Looks like we're getting some patches; see this security notice for the new build of Safari 11.0.2 for details:

Available for: OS X El Capitan 10.11.6 and macOS Sierra 10.12.6

Description: Safari 11.0.2 includes security improvements to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).

We would like to acknowledge Jann Horn of Google Project Zero; and Paul Kocher in collaboration with Daniel Genkin of University of Pennsylvania and University of Maryland, Daniel Gruss of Graz University of Technology, Werner Haas of Cyberus Technology, Mike Hamburg of Rambus (Cryptography Research Division), Moritz Lipp of Graz University of Technology, Stefan Mangard of Graz University of Technology, Thomas Prescher of Cyberus Technology, Michael Schwarz of Graz University of Technology, and Yuval Yarom of University of Adelaide and Data61 for their assistance.
__________________________________________________________________________________________________________

P. P. S.: There's also the MacRumors forum thread for this article, so I guess we should also be keeping track of discussion over there that might point towards answers.
 

Seret6

macrumors newbie
Nov 16, 2017
8
1
Hi, I need your help, where can I download the wallpapers shown on these devices?
Regards and cheers
 

dylan214u

macrumors newbie
Jan 7, 2018
1
0



A serious design flaw and security vulnerability discovered in Intel CPUs has reportedly already been partially addressed by Apple in the recent macOS 10.13.2 update, which was released to the public on December 6.


According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from "multiple sources within Apple" that updates made in macOS 10.13.2 have mitigated "most" security concerns associated with the KPTI vulnerability.

Publicized yesterday, the design flaw in Intel chips allows normal user programs to see some of the contents of the protected kernel memory, potentially giving hackers and malicious programs access to sensitive information like passwords, login keys, and more.

Full details on the vulnerability continue to be unavailable and under embargo, so it's not yet clear just how serious it is, but fixing it involves isolating the kernel's memory from user processes using Kernel Page Table Isolation at the OS level. Implementing Kernel Page Table Isolation could cause a performance hit on some machines.

According to The Register, which first shared details on the vulnerability, Windows and Linux machines will see a 5 to 30 percent slowdown once a fix is in place. It appears Macs may not be hit as heavily, as no noticeable performance slowdowns have been reported since the launch of macOS 10.13.2.

Ionescu also says that performance drop on a system with PCID (Process-Context Identifiers), available on most modern Macs, is "minimal," so most users may not see an impact on day-to-day Mac usage.

Article Link: Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2
With the inability to upgrade your equipment due to Apple's lock-down, they need not have a performance hit because there is no way to counter it by upgrading RAM or drive.
 