Get in touch now on

+61 7 3480 5121

Apple Releases Spectre Patches for Safari, macOS and iOS
08 January, 2018
This post was originally published on this site

Apple released iOS 11.2.2 software Monday for iPhones, iPads and iPod touch models that patch for the Spectre vulnerabilities. A macOS High Sierra 10.13.2 supplemental update was also released to bolster Spectre defenses in Apple’s Safari browser and WebKit, the web browser engine used by Safari, Mail, and App Store.

This is the second update for Apple since last week’s revelation of the massive processor vulnerabilities, Meltdown and Spectre, impacting CPU’s worldwide. Apple previously released mitigations against Meltdown with updates that included iOS 11.2, macOS and tvOS 11.2.

Monday’s three updates include macOS High Sierra 10.13.2 supplemental, Safari 11.0.2, and iOS 11.2.2. The updates “includes security improvements” to mitigate the two known methods for exploiting Spectre identified as variants “bounds check bypass” (CVE-2017-5753/Spectre/variant 1) and “branch target injection” (CVE-2017-5715/Spectre/variant 2).

Apple said the Safari 11.0.2 update is available for OS X El Capitan 10.11.6 and macOS Sierra 10.12.6. The macOS High Sierra 10.13.2 supplemental update includes security updates for Safari and WebKit. iOS 11.2.2 is for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation.

According to experts, the Spectre vulnerability, variant is much more difficult attack to carry out than Meltdown because it breaks the isolation between different applications. But, at the same time, it will also be harder to patch.

There is also a greater sense of urgency with Spectre. A Meltdown attack scenario requires an attacker to already have a foothold on the targeted system. Spectre opens up certain types of remote attack scenarios such as browser-based attacks, according to researchers.

Last week Mozilla, along with Microsoft and Google, updated the code in their browsers to increase them time it takes to execute certain Java commands that could exploit the Spectre flaws, making it exponentially harder – but not impossible – to exploit.


read more ...

What our
Clients say

Product Finder

Search for products that match of these criteria:

 + Add row
System Diagnostic

  • Do you have five or more computers?
  • Do you have a server?
  • Is your data critical to your business?
  • Do you think IT could perform better?
  • Are you concerned about your IT security?
  • Do you need to be kept up to date?
  • Would you like your IT maintained?
Product Finder

Search for products that match of these criteria:

 + Add row



Phone:07 3480 5121

Address: 8 - 37 Flinders Parade, North Lakes

QLD 4509 Australia

Post: PO Box 128, Burpengary

QLD 4505 Australia