I'm confused. Just noticed a new story on macrumors.com called:
New 'ZombieLoad' Vulnerability Affects Intel Chips Dating Back to 2011
My 17" Macbook Pro is mid 2010, so it should be safe, right?
Intel has a list of it's CPU's which are affected and I provided the link in my post #11:
The CPU's in all 3 models of 17" 2010 MBP's (i5-540M, i7-620M, i7-640M) are listed by Intel as affected with no planned microcode updates. As such, Apple is not updating Sierra or High Sierra to include the OS mitigations that Intel has sent out to Microsoft, Apple, the Linux folks, etc.
But please read what I had in my post #11:
"There are easier ways to hack a computer than MDS. With MDS, the attacker has to hope that it can glean useful data from the computer in essence by listening in on other conversations (which may only be partially understandable) that are going on. If I'm an attacker, that's a pretty stupid to approach stealing data - why not just out and out steal data or listen to the network port and send it back?"
Because of the way this attack is carried out, you need to worry more about where your personal data travels on the web. If your personal data is on a shared computer (using affected Intel CPU's), even though it is held by a trusted source, there may be some other entity which is sharing the computer which knowingly or not "listens" in on other processing going on because hyperthreading is enabled on the computer and because mitigations haven't been carried out. Large companies like Amazon, etc. have their own data centers and it's unlikely they share computers with customer data with other companies. Also, they are a large service provider so they provide hosting services for many organizations and individuals (I use them) and they almost certainly have carried out mitigations both on their internal and their hosting computers. But what about smaller hosting companies and the companies which use them? Do you know if they are as careful? Do you even know everywhere your personal data travels? I certainly don't. This, by far, is a greater risk to you than MDS (ZombieLoad, etc.) on your 2010 MBP. (Please note that no known instance of this type of attack has occurred, either on personal computers or data centers.)