As expected, Apple on Monday released macOS 10.13.2 and iOS 11.2.2. Both updates are free, and address the recently announced hardware-based “Spectre” security vulnerability.
Both update include updates to the Safari web browser and WebKit to mitigate the security flaws found in the Intel and ARM CPUs. A previous update to macOS High Sierra had addressed the “Meltdown” security flaws announced alongside Spectre.
The company’s statement from last week:
The Meltdown and Spectre issues take advantage of a modern CPU performance feature called speculative execution. Speculative execution improves speed by operating on multiple instructions at once—possibly in a different order than when they entered the CPU. To increase performance, the CPU predicts which path of a branch is most likely to be taken, and will speculatively continue execution down that path even before the branch is completed. If the prediction was wrong, this speculative execution is rolled back in a way that is intended to be invisible to software.
The Meltdown and Spectre exploitation techniques abuse speculative execution to access privileged memory—including that of the kernel—from a less-privileged user process such as a malicious app running on a device.
Meltdown
Meltdown is a name given to an exploitation technique known as CVE-2017-5754 or “rogue data cache load.” The Meltdown technique can enable a user process to read kernel memory. Our analysis suggests that it has the most potential to be exploited. Apple released mitigations for Meltdown in iOS 11.2, macOS 10.13.2, and tvOS 11.2. watchOS did not require mitigation. Our testing with public benchmarks has shown that the changes in the December 2017 updates resulted in no measurable reduction in the performance of macOS and iOS as measured by the GeekBench 4 benchmark, or in common Web browsing benchmarks such as Speedometer, JetStream, and ARES-6.
Spectre
Spectre is a name covering two different exploitation techniques known as CVE-2017-5753 or “bounds check bypass,” and CVE-2017-5715 or “branch target injection.” These techniques potentially make items in kernel memory available to user processes by taking advantage of a delay in the time it may take the CPU to check the validity of a memory access call.
The macOS High Sierra update can be downloaded and installed from the “Update” tab in the Mac App Store.
The iOS 11.2.2 update can be installed by going to “Settings” -> “General” -> “Software Update” on your iOS device.
A Safari 11.0.2 update is available for those still running macOS Sierra 10.12.6 and OS X El Capitan 10.11.6. The update is designed to mitigate the effects of the Spectre processor flaw.
518758 573155Hello. Fantastic job. I did not expect this. This is a excellent articles. Thanks! 382772
247965 939375Outstanding post, I conceive folks need to larn a good deal from this internet internet site its really user genial . 144897
253086 352228I real glad to find this web internet site on bing, just what I was searching for : D likewise saved to bookmarks . 455460
73845 60078Yeah bookmaking this wasnt a bad decision fantastic post! . 207738
957140 634652Aw, i thought this was quite a very good post. In concept I would like to devote writing such as this moreover – spending time and actual effort to produce a great article but exactly what do I say I procrastinate alot by no means manage to get something done. 690722
251953 65703articulo agregado a favoritos, lo imprimir cuando llegue a la oficina. 747487
426640 188201I want seeking at and I believe this web site got some genuinely beneficial stuff on it! . 497079
stromectol stromectol 3 mg tablets price
https://stromectolgf.com/# stromectol covid
[url=https://stromectolgf.online/#]ivermectin nz[/url] cost of ivermectin pill
pain medications without a prescription discount prescription drugs
[url=https://drwithoutdoctorprescription.online/#]buy prescription drugs online[/url] tadalafil without a doctor’s prescription
prescription drugs online buy anti biotics without prescription
https://doxycyclineforsale.life/# doxycycline hydrochloride 100mg
[url=https://clomidforsale.life/#]how much is clomid in south africa[/url] clomid 50mg coupon
[url=https://zithromaxforsale.shop/#]can i buy zithromax online[/url] purchase zithromax z-pak
[url=https://buynolvadex.store/#]generic tamoxifen[/url] tamoxifen alternatives premenopausal
https://buynolvadex.store/# tamoxifen moa
lipitor 30 mg lipitor 80 mg tablet
612794 691003I came across this good from you out of sheer luck and never believe lucky enough to say also credit you for any job effectively done. 357193
https://cipro.best/# where can i buy cipro online