Possibly, but that kind of damage control tends to backfire badly if it isn't true. Also, unlike Meltdown, Spectre wasn't Intel specific (okay Meltdown might possibly affect some ARM chips too according to ARM). In contrast, Spectre affects Intel, AMD, ARM, basically everyone and was also supposed to be very hard, if not impossible, to fix in software/firmware. Possibly they're declaring themselves immune from both to make up for having a second and even worse problem, but if it isn't true or comes at too high a cost ... that's going to backfire horribly.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Intel Says New Software Updates Make Computers 'Immune' to Meltdown and Spectre Vulnerabilities
- Thread starter MacRumors
- Start date
- Sort by reaction score
Possibly, but that kind of damage control tends to backfire badly if it isn't true. Also, unlike Meltdown, Spectre wasn't Intel specific (okay Meltdown might possibly affect some ARM chips too according to ARM). In contrast, Spectre affects Intel, AMD, ARM, basically everyone and was also supposed to be very hard, if not impossible, to fix in software/firmware. Possibly they're declaring themselves immune from both to make up for having a second and even worse problem, but if it isn't true or comes at too high a cost ... that's going to backfire horribly.
We do not have any official statement from Apple that either of these two exploits have been patched. The fixes mentioned in the oft-referenced list of fixes in the 6 Dec 2017 security patch are not the ones in play here - the CVE numbers don't match. For whatever reason, Apple is keeping us all guessing, again, about how secure our systems are.
If I'm wrong, I'd like to have a reference to where Apple has clearly stated that these have been patched.
If I'm wrong, I'd like to have a reference to where Apple has clearly stated that these have been patched.
The amount of compensation Intel will end up having to pay for this will be astonishing in its scope.
Is there something stopping you from updating to High Sierra? It works great.
[doublepost=1515110243][/doublepost]
Yes.
[doublepost=1515110410][/doublepost]
Benchmarks will be pretty non-informative, as benchmarking software tends to max out the CPU and therefore may over-exaggerate the effects that one would experience. It's been reported that the fixes are "barely noticeable" in day-to-day computing. Only very specific applications may run into a performance reduction, and likely not as noticeable as media wants us to believe.
[doublepost=1515110506][/doublepost]
Do yourself a favour. Update to 10.13 AND ensure you are using an SSL internally, and your four-year old computer will feel newer than new. Performance will be incredible.
Is there something keeping you on El Cap other than fear?
Can you elaborate on how it "looks like" the 10.13.2 mitigations are backported? Because I've been trying to find evidence of this all day and cannot.
I wish whomever is creating the headlines would take more care. You're doing the readers a disservice.
From yesterday:
Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2
Today's Article:
Apple Confirms 'Meltdown' and 'Spectre' Vulnerabilities Impact All Macs and iOS Devices, Some Fixes Already Released
From yesterday:
Intel Memory Access Design Flaw Already Addressed by Apple in macOS 10.13.2
Today's Article:
Apple Confirms 'Meltdown' and 'Spectre' Vulnerabilities Impact All Macs and iOS Devices, Some Fixes Already Released
Thanks for this reply. Can you please further elaborate about using SSL internally? Thank you.
Random sites executing JavaScript that reads from anywhere in system memory is a consumer's worst nightmare.
Intel talk about chips up to 5 years old getting these fixes. The Mac fix, is that for all Macs running the latest High Sierra, or is that only Macs with CPU models that are 5 years old or less?
The CEO can't just sell his stock whenever he wants, right? I thought you had to notify the SEC of a sell and have it trigger at some random time a month later or something.
[doublepost=1515118069][/doublepost]
Where did you find the PoC? Curious if my Mac Pro is vulnerable to it (though I assume even if not, it could be tweaked for my hardware).
Intel said it will take some weeks to release these initial fixes for CPUs up to 10 years old and that they will prioritize according to what they see on the field.
I would hope they will go all the way back to 1995 eventually.
I'd think this is a firmware update, not an OS update. Unless they plan to mitigate the risk with an OS update. My Mac Pro got a firmware update to support High Sierra, impressive considering its age, but I didn't have to install High Sierra to get it.
He did a regular stock sale at the end of 2017. Nothing abnormal except he sold a ton of stock. He sold as much stock as he could sell, hitting the minimum amount a CEO must have under SEC rules.
But now we know he knew about Spectre at the time of his stock selloff. That stinks of insider trading.
I had expected the performance hit to be worse than that. I’ll have to wait for some of the technology websites to test multiple PCs/Macs and see those results before I know for sure.
What a shock, the pitchforkers overreacted and a company with good management took care of the problem.
Glad I bought some INTC shares today.
Glad I bought some INTC shares today.
Or maybe, more options, like systems with AMD cpus or *gasp* sell macOS to non mac users.
So did the pitchforkers that estimated a 30% drop, like that would ever happen.