Published: Tue, January 09, 2018
Tech | By Dwayne Harmon

Apple updates iOS, macOS with a patch for the Spectre chip flaw

With the three vulnerabilities that form the Spectre and Meltdown vulnerability families having been around for a long time, it's possible that some exploits have been in development. Apple's macOS updates deal with Intel's Spectre chip flaw.

IOS 11.2.2 contains some critical security fixes for two risky vulnerabilities discovered in a wide range of computer hardware.

Apple noted that Meltdown has more potential to be used as an exploit, and that Spectre was a much harder vulnerability to take advantage of.

Analysis of these techniques revealed that while they are extremely hard to exploit, even by an app running locally on a Mac or iOS device, they can be potentially exploited in JavaScript running in a web browser. While the Meltdown exploit affects devices that run on Intel CPUs, Spectre can be deployed via JavaScript in a web browser - which could make it a more wide-ranging security risk. A separate update is available for Safari browsers on older versions of the Mac operating system. Additionally, for OS X El Capitan and macOS Sierra users, Apple released Safari 11.0.2. Likewise, the macOS High Sierra 10.13.2 Supplemental Update uses similar language with regards to stamping out the Spectre threat. The fixes were rolled out in vesion 11.2 of the iOS, 10.13.2 for the MacOS, and 11.2 for the tvOS. On the iPad front, iOS 11 works with iPads as old as the iPad mini 2 and iPad Air. If you're interested in downloading it, it is available to download through the Software Update mechanism in the Mac App Store.

Like this: