iOS and macOS updates available now address Spectre vulnerabilities
Metldown and Spectre security risks affecting nearly every modern processor came to light last week, and now Apple has released a pair of software updates to address the Spectre vulnerability. iOS 11.2.2 and macOS High Sierra 10.13.2, while sparse in detail, are both now available for free on compatible devices.
iOS 11.2.2 for iPhone and iPad contains security fixes that aren't fully fleshed out, but Apple does say that they affect Safari and Webkit to "mitigate the effects of Spectre." Apple claims the Metldown vulnerability was addressed in iOS 11.2, and since there isn't a hardware fix for Spectre, the company issued this over-the-air update to all compatible devices. iOS 11.2.2 is available for iPhone 5s and later, iPad Air and later, and iPod touch 6th generation. It can be downloaded by navigating to Settings > General > Software Update.
A supplemental update in macOS High Sierra 10.13.2 is available today that uses similar Safari work-arounds to address the Spectre vulnerability. Apple also previously addressed Metldown in the first update of macOS High Sierra 10.13.2. All compatible machines can download the supplemental update for free from the Mac App Store, and a Safari 11.0.2 update is available for Macs running OS X El Capitan 10.11.6 and macOS Sierra 10.12.6. The Safari update also addresses Spectre risks.