Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
IOS Security Apple

Apple Updates macOS and iOS To Address Spectre Vulnerability (engadget.com) 67

Days after Apple disclosed how it would be dealing with the Meltdown bug that affects modern computers, it's pushed out fixes for the Spectre exploit as well. From a report: iOS 11.2.2 includes "Security improvements to Safari and WebKit to mitigate the effects of Spectre," the company writes on its support page, while the macOS High Sierra 10.13.2 Supplemental Update does the same for your Mac laptop or desktop. Installing this update on your Mac will also update Safari to version 11.0.2.

Apple Updates macOS and iOS To Address Spectre Vulnerability

Comments Filter:
  • Decently quick update to Safari and the OS from Apple. However Firefox had already updated. Loving it more and more :)

  • Apple - the world's richest tech hardware company - has accumulated their mountain of cash in part by a pattern of (plausibly) unscrupulously pushing customers to upgrade hardware.

    It's about time they acknowledged their role in this by actually supplying fixes for these vulnerabilities across the entire fleet and field of devices and operating systems. I want an update for iOS 3 and System 8.6!

    • I'd like an update for Yosemite. However I'm very unlikely to get one.

      • El Cap broke a lot of drivers including most verizon phones/mifi devices. Some apps like CS1 won't work, either.

    • by Chaset ( 552418 )

      A joke, for sure, since System 9 and lower only had partial/half-assed memory protection (if you could call it that, and only for PowerPC code. 68k systems had none, IIRC).
      However, it would be an interesting academic exercise to see whether PowerPC 603/604/750 have the same issues and to what extent.

      • by Anonymous Coward

        I'm not sure this is really a joke. I recently (less than a month ago) updated from 10.7 to 10.11 at work. Looks like I'm outtalucko unless someone wants to spend a fuckton of time to deal with the problems that come with Yet Another Mac OS version (we have a mix of 10.11 and 10.6 machines, the 10.6 ones being particularly hard to upgrade). Every single Mac OS X upgrade has broken something, somewhere. Sometimes it's a big deal, sometimes it's not, but I'm not feeling lucky. (Also, the general quality of th

      • by tlhIngan ( 30335 )

        A joke, for sure, since System 9 and lower only had partial/half-assed memory protection (if you could call it that, and only for PowerPC code. 68k systems had none, IIRC).
        However, it would be an interesting academic exercise to see whether PowerPC 603/604/750 have the same issues and to what extent.

        68K didn't use memory protection, PowerPC used only just enough to get it to work.

        In theory I believe the later PowerPCs did do OOO execution with branch preduction, but the early ones did not. It was deemed not

      • However, it would be an interesting academic exercise to see whether PowerPC 603/604/750 have the same issues and to what extent.

        PPC is OoO, so it sure could. If I had to bet, though, I'd bet that IBM and Motorola together did it the correct way. Let's hope so, because Apple ain't updating 10.5 any more.

      • by BancBoy ( 578080 )
        According to the TenFourFox blog about PowerPC vulnerability to Spectre and Meltdown. PowerPC is immune to Meltdown. G5 is vulnerable to Spectre but G3 and G4 may have some resistance.
  • by Anonymous Coward

    I'm stuck since I am on VMWare Fusion 8.5 which doesn't support High Sierra. I'm not willing to roll the dice and upgrade if it could break my ability to get work done, and my company is tight on the budget.

  • Apple's Spectre patches won't be bricking any AMD computers [slashdot.org].

  • by Anonymous Coward

    Not seeing a macOS patch available for El Capitan or Sierra. (10.11, 10.12).

    • El Capitan, possibly we'll see a patch for that - may not be possible though as it might rely on other work done in 10.12.

      However it does not matter if there's no patch for Sierra, as the system specs for Sierra are tree same as High Sierra. There you patch is to upgrade to High Sierra - if you think this issue is serious.

      • Because there's nothing on the latest versions of macOS and iOS worth updating for at least for me. So if I do install them I'll just have slower systems due to the extra bloat and apps from Apple that don't work as well.

        I'm avoiding moving onto iTunes 12.7 because they took out the apps in an incredibly stupid move. I have iOS apps installed on my iPhone and iPad so I'll be downloading the app twice instead of once to my Mac and syncing it to my devices. So there's no way I'm going to High Sierra while iTu

        • Because there's nothing on the latest versions of macOS and iOS worth updating for at least for me. So if I do install them I'll just have slower systems due to the extra bloat

          High Sierra is great because it's one of the optimization releases, it's been faster on the hardware I've installed It on. I can understand not installing it right away, I waited for the .1 release myself. but at .2 it's defiantly stable and of course it patches this extremely publicized flaw.

          I have iOS apps installed on my iPhone

          • So the apps you get are smaller individually than if you downloaded them to iTunes first and transferred them to the device, and take up less space on the device.

            But each device specific app that I download would not be smaller than half of the app I download in iTunes so I'm still pulling down more bytes. Plus I still have to actually go to both devices and do something to start the update process. Right now I just update the apps in iTunes and the next time I connect the device to charge it gets backed and any new apps, podcasts, and music gets put on it.

            The system works very well for me and may not for others. But this is just a continuation from Apple of forcing

      • by antdude ( 79039 )

        Because old Macs can't run Sierras? Also, High Sierra is still buggy for being new.

      • Dude, I'm stuck on Yosemite due to lack of El Cap drivers

  • by Anonymous Coward

    Cannot upgrade to iOS 11, but devices otherwise just fine. Is it really fine to leave those unpatched?

  • This is outrageous that Apple is rolling out some software update to "help" our processors function better without asking us! I demand to be asked whether I want this software fix to be implemented, because it makes my processor work slower! I want to do this myself. Apple sucks and don't get me started on batteries.
    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Check your benchmarks. Many are actually seeing IMPROVED results after this update. Seriously.

  • by Anonymous Coward

    Is there no fix for Sierra or earlier?
    Or is this another eff U from Apple?

  • by Ecuador ( 740021 ) on Monday January 08, 2018 @03:11PM (#55887331) Homepage

    See? Apple delivered the update without bricking* any AMD CPUs! That's how you do it!

    *the term is used here very loosely.

    • See? Apple delivered the update without bricking* any AMD CPUs! That's how you do it!

      Have you tested it on any AMD CPUs?

  • that installing this update will make my OS and any apps on it unable to exploit the Specter vulnerability? or just that safari and webkit is mitigated

    • Why does it matter? Meldown is the one you should be concerned about. It is an Intel only bug and can only be fixed by replacing the CPU.
      • by zlives ( 2009072 )

        looks like Apple, MS and others are saying it can be mitigated by patches. so the issue remains with Specter as far as i know.

  • by Anonymous Coward

    Installing this update on your Mac will also update Safari to version 11.0.2.

    In case anyone is confused, Safari11.0.2 came out back in December.

    What was released today are builds 11604.4.7.1.6 (El Capitan) and 12604.4.7.1.6 (Sierra) plus whatever comes with the High Sierra update.

    About the security content of Safari 11.0.2 [apple.com]

    So just because you are already at 11.0.2, that doesn't mean you are already up to date.

  • Is Apple saying That's okay, Intel, we got your back and let the giant go with a pat on the derriere?

Life would be so much easier if we could just look at the source code. -- Dave Olson

Working...