XYMer's Home away from Home

When http://bbs.xlr8yourmac.com is down (i.e. always)
It is currently Thu Jan 18, 2018 9:52 pm

All times are UTC - 8 hours




Post new topic Reply to topic  [ 30 posts ]  Go to page Previous  1, 2
Author Message
PostPosted: Wed Jan 10, 2018 3:37 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9699
Location: Caught between the moon and NYC
Security Update 2017-002 contains the Meltdown-related fixes included in 10.13.2 for 10.12 and 10.11. Spectre's Javascript-based attacks requires an update to Safari and I don't recall seeing anything related to it in the list of changes included in 2017-002 but I may be wrong. I had people asking me a million and one questions while reading its change notes.


Top
 Profile  
 
PostPosted: Wed Jan 10, 2018 4:40 pm 
Offline
Master

Joined: Sun Apr 20, 2008 5:24 am
Posts: 9734
Location: North of the State of Jefferson
Now, as ever, ad-blocking sounds like a good idea. For one thing, it makes using the web tolerable, but it's also a great preventive measure against the (awkward) Spectre JavaScript attack because most ad blockers will block JavaScript from add networks, which have proven a convenient JS attack vector on otherwise reputable sites. That won't protect you from directly hacked sites or just straight up malicious ones, but it's one more reason to think about ad blocking.

- Anonymous


Top
 Profile  
 
PostPosted: Thu Jan 11, 2018 5:23 am 
Offline

Joined: Sat Apr 11, 2009 2:15 pm
Posts: 6045
Location: NYC
MonkeyBoy wrote:
Security Update 2017-002 contains the Meltdown-related fixes included in 10.13.2 for 10.12 and 10.11. Spectre's Javascript-based attacks requires an update to Safari and I don't recall seeing anything related to it in the list of changes included in 2017-002 but I may be wrong. I had people asking me a million and one questions while reading its change notes.

Several items re. kernel for El Cap/Sierra update (El Cap 2017-005) appear to deal with Spectre and/or Meltdown. At least two of the CVEs listed appear to confirm...maybe?
https://support.apple.com/en-us/HT208331

HOWEVER:
Quote:
Update: On Friday afternoon, Apple removed the section of the support document detailing the "Meltdown" patch for Sierra and El Capitan. AppleInsider has conflicting information on this from inside Apple, with some claiming that the security patch didn't have the Meltdown fix, and others claiming that the documentation withdrawal was performed in error.

At present, the security document states that there is no patch for Meltdown in Sierra and El Capitan, and AppleInsider suggests that device administrators proceed assuming that there is no protection from the attack at this time on machines with older operating systems. We will update this post accordingly should we get more information on the topic.

http://appleinsider.com/articles/18/01/ ... older-macs


Top
 Profile  
 
PostPosted: Thu Jan 11, 2018 2:22 pm 
Offline
User avatar

Joined: Thu May 15, 2008 8:13 pm
Posts: 9699
Location: Caught between the moon and NYC
Apple -> :fishsmack: <- Installed user base


Top
 Profile  
 
PostPosted: Thu Jan 11, 2018 9:09 pm 
Offline
Benevolent Dictator
User avatar

Joined: Mon Apr 21, 2008 2:03 am
Posts: 14765
:lol:


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 30 posts ]  Go to page Previous  1, 2

All times are UTC - 8 hours


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group