• Home
  • iOS
  • macOS
  • News
  • Apple Releases macOS 10.13.2 and iOS 11.2.2 Update to Address ‘Spectre’ Vulnerabilities

Apple Releases macOS 10.13.2 and iOS 11.2.2 Update to Address ‘Spectre’ Vulnerabilities

Apple Releases macOS 10.13.2 and iOS 11.2.2 Update to Address ‘Spectre’ Vulnerabilities

As expected, Apple on Monday released macOS 10.13.2 and iOS 11.2.2. Both updates are free, and address the recently announced hardware-based “Spectre” security vulnerability.

Apple Releases macOS 10.13.2 and iOS 11.2.2 Update to Address 'Spectre' Vulnerabilities

Both update include updates to the Safari web browser and WebKit to mitigate the security flaws found in the Intel and ARM CPUs. A previous update to macOS High Sierra had addressed the “Meltdown” security flaws announced alongside Spectre.

The company’s statement from last week:

The Meltdown and Spectre issues take advantage of a modern CPU performance feature called speculative execution. Speculative execution improves speed by operating on multiple instructions at once—possibly in a different order than when they entered the CPU. To increase performance, the CPU predicts which path of a branch is most likely to be taken, and will speculatively continue execution down that path even before the branch is completed. If the prediction was wrong, this speculative execution is rolled back in a way that is intended to be invisible to software.

The Meltdown and Spectre exploitation techniques abuse speculative execution to access privileged memory—including that of the kernel—from a less-privileged user process such as a malicious app running on a device.

Meltdown

Meltdown is a name given to an exploitation technique known as CVE-2017-5754 or “rogue data cache load.” The Meltdown technique can enable a user process to read kernel memory. Our analysis suggests that it has the most potential to be exploited. Apple released mitigations for Meltdown in iOS 11.2, macOS 10.13.2, and tvOS 11.2. watchOS did not require mitigation. Our testing with public benchmarks has shown that the changes in the December 2017 updates resulted in no measurable reduction in the performance of macOS and iOS as measured by the GeekBench 4 benchmark, or in common Web browsing benchmarks such as Speedometer, JetStream, and ARES-6.

Spectre

Spectre is a name covering two different exploitation techniques known as CVE-2017-5753 or “bounds check bypass,” and CVE-2017-5715 or “branch target injection.” These techniques potentially make items in kernel memory available to user processes by taking advantage of a delay in the time it may take the CPU to check the validity of a memory access call.

The macOS High Sierra update can be downloaded and installed from the “Update” tab in the Mac App Store.

The iOS 11.2.2 update can be installed by going to “Settings” -> “General” -> “Software Update” on your iOS device.

A Safari 11.0.2 update is available for those still running macOS Sierra 10.12.6 and OS X El Capitan 10.11.6. The update is designed to mitigate the effects of the Spectre processor flaw.

  1. 518758 573155Hello. Fantastic job. I did not expect this. This is a excellent articles. Thanks! 382772

  2. 247965 939375Outstanding post, I conceive folks need to larn a good deal from this internet internet site its really user genial . 144897

  3. 253086 352228I real glad to find this web internet site on bing, just what I was searching for : D likewise saved to bookmarks . 455460

  4. 73845 60078Yeah bookmaking this wasnt a bad decision fantastic post! . 207738

  5. 957140 634652Aw, i thought this was quite a very good post. In concept I would like to devote writing such as this moreover – spending time and actual effort to produce a great article but exactly what do I say I procrastinate alot by no means manage to get something done. 690722

  6. 251953 65703articulo agregado a favoritos, lo imprimir cuando llegue a la oficina. 747487

  7. 426640 188201I want seeking at and I believe this web site got some genuinely beneficial stuff on it! . 497079

  8. ChesterJed says:

    https://stromectolgf.com/# stromectol covid

  9. Stromgeaps says:

    [url=https://stromectolgf.online/#]ivermectin nz[/url] cost of ivermectin pill

  10. CameronRhync says:

    pain medications without a prescription discount prescription drugs

  11. Thomasdet says:

    [url=https://drwithoutdoctorprescription.online/#]buy prescription drugs online[/url] tadalafil without a doctor’s prescription

  12. StephenJaf says:

    https://doxycyclineforsale.life/# doxycycline hydrochloride 100mg

  13. Shelbyrob says:

    [url=https://clomidforsale.life/#]how much is clomid in south africa[/url] clomid 50mg coupon

  14. RickyQuold says:

    [url=https://zithromaxforsale.shop/#]can i buy zithromax online[/url] purchase zithromax z-pak

  15. HomerBrida says:

    [url=https://buynolvadex.store/#]generic tamoxifen[/url] tamoxifen alternatives premenopausal

  16. RaymondCluth says:

    https://buynolvadex.store/# tamoxifen moa

  17. WilliamHib says:

    lipitor 30 mg lipitor 80 mg tablet

  18. 612794 691003I came across this good from you out of sheer luck and never believe lucky enough to say also credit you for any job effectively done. 357193

  19. GeorgeSoord says:

    https://cipro.best/# where can i buy cipro online

Leave a Reply

Your email address will not be published.