About "Meltdown" and "Spectre"

End of 2017 two severe vulnerabilities have been discovered in many CPU designs. The techniques to exploit these vulnerabilities have been nicknamed "Meltdown" and "Spectre". The OS and application vendors have to adapt their software to avoid exploitation of these vulnerabilities.

According to the information that Apple published in https://support.apple.com/en-us/HT208394 , "Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown." On January 23rd 2018 Apple has released Security Update 2018-001 Sierra and Security Update 2018-001 El Capitan, both containing amongst others  mitigations against Meltdown.

To improve protection against "Spectre" Apple has released "macOS High Sierra 10.13.2 Supplemental Update" for macOS 10.13 and Safari 11.0.2 for macOS Sierra and OS X El Capitan.

In general users should make sure that they have installed the lastest version of macOS and all available security updates. Make sure Software Update is configured to check automatically for updates, and install security updates as soon as they become available. Always have a look whether the icon of the AppStore.app in the dock indicates the availability of software updates, or watch the announcements in the mailing list "support-macosx@cern.ch". And keep in mind to check regularely for updates to your applications not coming from the AppStore.

Please note that users of very old macOS / OS X versions will not get any security updates proposed any more. Make sure that you run a recent and supported version of macOS, at the time of this writing 10.13.2 with the "macOS High Sierra 10.13.2 Supplemental Update".

 

 

You are here