Intel Security Flaw Partially Addressed in Recent macOS 10.13.2 Update
A developer says the serious security flaw found in Intel processors has been at least partially addressed by Apple in a recent update to macOS. The macOS 10.13.2 update was released on December 6.
According to developer Alex Ionescu, Apple introduced a fix in macOS 10.13.2, with additional tweaks set to be introduced in macOS 10.13.3, currently in beta testing. AppleInsider also says that it has heard from “multiple sources within Apple” that updates made in macOS 10.13.2 have mitigated “most” security concerns associated with the KPTI vulnerability.
The question on everyone's minds: Does MacOS fix the Intel #KPTI Issue? Why yes, yes it does. Say hello to the "Double Map" since 10.13.2 — and with some surprises in 10.13.3 (under Developer NDA so can't talk/show you). cc @i0n1c @s1guza @patrickwardle pic.twitter.com/S1YJ9tMS63
— Alex Ionescu (@aionescu) January 3, 2018
The Intel CPU design flaw was announced earlier this week, and allows normal user programs to access some of the contents of protected kernel memory. The flaw could potentially allow a hacker’s malicious application to gain access to information such as login keys, passwords, and more.
Reports have indicated the fix for the issue could cause a 5 to 30% performance slowdown on Windows and Linux machines. However, Macs may not take such a large performance hit. Ionescu says the performance hit on a system with PCID (Process-Context Identifiers), available on most modern Macs, is “minimal.” This could mean most users might not see much of an impact on their daily usage.