Spectre attack works on non-Intel processors – status update by Apple 8th Jan 2018

In order to avoid the effects of Spectre (CVE-2017-5753 and CVE-2017-5715), Apple announced solution (patching) to mitigate this vulnerabilities. It was surprise that the result looks different from the security analysis report findings. It looks that no significant performance slow down and not require to re-design CPU. However Apple computer address the problem this time is for Spectre attack. Unlike Meltdown, the Spectre attack works on non-Intel processors, including AMD and ARM processors. Furthermore, it looks that it does not protect against Spectre till new design concept of idea found! It looks that the easy way is disable CPU L1 cache. But it will reduce the performance.  It surprise to me that Azuer and Apple apply the patch and did not encountered known performance issue?  Perhaps cloud base system platform is memory intensive instead of CPU intensive. Or the problem not been correctly address. For your reference: Apple patch announcement:

macOS High Sierra 10.13.2 Supplemental Update

https://support.apple.com/en-hk/HT208397

Safari 11.0.2 includes security improvements to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).

https://support.apple.com/en-hk/HT208403

iOS 11.2.2 includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).

https://support.apple.com/en-hk/HT208401

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *