Chip vulnerability Spectre - along with Meltdown - has been causing havoc since it was disclosed last week, forcing hardware and software manufacturers to work overtime to mitigate the damage hackers can do if they exploit it. Apple is the latest to issue software updates designed solely to make it more difficult for Spectre hacks to cause damage.
Security updates were issued for macOS High Sierra 10.13.2, iOS 11.2.2, and Safari 11.0.2 that target both variants of Spectre. Applying the macOS and iOS patches will automatically update Safari to the newest version. There is nothing specific in the patch notes other than all three updates make "security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715)."
The update to Safari was necessary as Spectre focuses on applications that can be exploited through a web browser's JavaScript. Microsoft released a similar fix for Edge and Internet Explorer last week.
Apple acknowledged last week that all its devices were affected by the Meltdown and Spectre vulnerabilities, and had already started rolling out macOS mitigations in High Sierra 10.13.2. Apple uses Intel processors in its macOS powered devices, and Intel has already started rolling out firmware updates for the processors that Apple needs to get out to users.
14 Comments - Add comment