A new CPU exploit is out, but the patches put a significant performance hit on the machines.
Question
New CPU exploit
+23
+16It appears to be partially fixed in 10.13.2 without a notable performance difference. I guess we'll have to see what the next security update does.
+8I believe the fix that was part of 10.13.2 has been around since 6th December 2017 as part Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan.
See Apple link for full details - https://support.apple.com/en-gb/HT208331
+1https://support.apple.com/en-gb/HT208331 mentions CVE-2017-7154... but not CVE-2017-5753, CVE-2017-5754 or CVE-2017-5715.
+36We opened a ticket this morning and were given the expected "We don't discuss vulnerabilities" response.
Guessing this is the last nail on the coffin of 10.10 and older. Hopefully.
+3We still run 10.12.6, are they only releasing a fix for 10.13.2 similar to there only being a supposed fix for Windows 10 onwards?
+8@RCoS The fix has been realise for 10.12.6 (Security Update 2017-002) and 10.11.6 (Security Update 2017-005)
+8https://support.apple.com/en-gb/HT208331 mentions CVE-2017-7154... but not CVE-2017-5753, CVE-2017-5754 or CVE-2017-5715.
I might be wrong here but is that because the ones that aren't mentioned are part of 'Spectre'?
I believe the only fix realised so far addresses issues with the 'Meltdown' bug. Spectre is a much more difficult issue to address.
+15I got confirmation from our Apple rep that the 2017-002 and 2017-005 patches address Meltdown only and that a fix for safari/spectre is in the works
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.