Apple this evening has officially released a statement on the Meltdown and Spectre bugs affecting ARM and Intel processors. In a new support document, Apple says that ‘all Mac systems and iOS devices are affected’ by the vulnerability, but that there are no known exploits impacting customers right now…
Sylvania HomeKit Light Strip
Apple explains that, since exploiting this issue requires a malicious app to be loaded onto your device, it recommends users only download software from “trusted sources such as the App Store.”
All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time. Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store.
Furthermore, the company says that it has already released patches in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to address the Meltdown vulnerabilities. In the coming days, however, an update will be made available for Safari to help protect against Spectre:
Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown. In the coming days we plan to release mitigations in Safari to help defend against Spectre. We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.
While initial coverage of the Meltdown vulnerability said that fixes could bring hits to performance, Apple says that neither macOS nor iOS suffer from a “measurable reduction in performance” in benchmarking or in web browsing testing.
Read Apple’s full support article here.
More on Spectre & Meltdown:
- Report: Intel CPUs suffer from major security flaw, fix could bring notable performance hit to macOS
- Intel responds to CPU security flaw as macOS 10.13.2 said to include fix for Macs
- ARM security update suggests some iPhones, iPads, iPods and Apple TVs may be affected by CPU bug
- Analysts suggest CPU security flaw won’t create long-term economic hit for Intel
- Intel provides update on Spectre and Meltdown flaw patches as Apple stays quiet