Apple confirms iOS and macOS are vulnerable to 'Meltdown' and 'Specter'

Posted January 05, 2018

In the coming days the organization says it will discharge alleviations in Safari to help shield against Specter.

It said the AppleWatch is not affected by Spectre.

'All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time.

The security vulnerabilities apply to all modern computer processors and affect almost all computers and smartphones, leaving tech companies scrambling to find a fix. "We proceed to create and test encourage alleviations for these issues and will discharge them in up and coming updates of iOS, macOS, tvOS, and watchOS", the article states.

While initial coverage of the Meltdown vulnerability said that fixes could bring hits to performance, Apple says that neither macOS nor iOS suffer from a "measurable reduction in performance" in benchmarking or in web browsing testing.

For those unaware, the CPU, in its bid to increase the performance, predicts which path of a branch is most likely to be taken, and will speculatively continue execution down that path even before the branch is completed.

Palestine recalls envoy from Pakistan over faux pas
While regretting Ali's presence at the Saeed event, Alhaijaa said the envoy had gone for an Al Quds (Jerusalem) conference. Palestine has very close ties with India and has always supported India's fight against terror.

Given kernel memory is dedicated to the core components and interactions of an operating system with its hardware, it is said that the flaw could be exploited by malicious programmes, namely Meltdown or Spectre, to expose secured information such as passwords, and effectively compromise a targeted machine or indeed server network.

On Wednesday, Alphabet Inc's Google and other security researchers disclosed two major chip flaws, one called Meltdown affecting only Intel Corp chips and one called Spectre affecting almost all computer chips made in the last decade.

The flaws were first reported by tech publication The Register.

Analysis of these techniques revealed that while they are extremely hard to exploit, even by an app running locally on a Mac or iOS device, they can be potentially exploited in JavaScript running in a web browser.

Now, the California tech giant has confirmed that it has released mitigations for macOS and iOS as well as Safari on the App Store. Our current testing indicates that the upcoming Safari mitigations will have no measurable impact on the Speedometer and ARES-6 tests and an impact of less than 2.5% on the JetStream benchmark.

Current updates to macOS and iOS protect against Meltdown, and Apple is working on providing better protections against Spectre.

Recently in Economy