Apple Patches ZombieLoad Vulnerabilities

(Adam Engst) #1

Originally published at: https://tidbits.com/2019/05/14/apple-patches-zombieload-vulnerabilities/

Security researchers have discovered a new class of vulnerabilities in Intel CPUs dating back to 2011 and beyond. Happily, Apple’s macOS 10.14.5 and Security Update 2019-003 provide fixes.

Security Flaw in Intel Chip
(David Tuma) #2

Has anyone gotten the advisory from Apple that is discussed in the article?
David

New security flaw found in Intel chips

A new security flaw in Intel chips is embedded in the architecture of computer hardware and can’t be fully fixed; it could affect millions of devices.

(Al Varnell) #3


(Derek Currie) #4

We also have to imagine that situations like this are informing Apple’s thinking about possibly replacing Intel CPUs in Macs with Apple’s own ARM-based chips.

The loss of functionality that would result from Apple leaving Intel’s CISC based CPUs and returning to RISC CPUs is profoundly prohibitive. AFAIAC this debate has been extensively thrashed out and is over. I wish we’d all drop this unrealistic rumor/speculation.

(paulc) #5

It actually goes way back before the “2011 and later” machines that are spoken about. Intel chips apparently have had hyperthreading going back to some late Pentium chips. My cMP of 2010 with a 6 core Westmere say NOTHING about Hyperthreading in the System report but it DOES have Hyperthreading. What I have read is that there is NO SOLUTION for my machine, it isn’t coming from Apple, and it sure isn’t coming from Intel. The forced OS update does NOT address this, it seems the ONLY option is to severely restrict performance by close to half.

That being said, I suspect the general vulnerability is most likely quite low. Of all the potential warning systems, I like Snitch the best, so it is always kept up to date. I have weekly clones AND a Time Machine backup. So I think I am reasonably protected. What I suspect is this is just more sauce for the goose to close down the OS even further, I see the day when the file system is shut off from us (it’s coming as they work to make the desktop OS into iOS). Makes me quite sad…