Apple recently distributed updates for its Mac devices across three specific versions of macOS: High Sierra (10.13), Sierra (10.12), and El Capitan (10.11). The updates for the two older macOS versions specifically address CVE-2017-5754, otherwise known as Meltdown, which is a security issue recently discovered in Intel-based processors. The most recent update to High Sierra (10.13.3) does not address the Meltdown issue.
As previously reported, Meltdown is one of two issues discovered in all modern x86-based processors from Intel and AMD, and ARM-based mobile processors manufactured by Qualcomm, Samsung, and more. Part of a CPU’s “speed” stems from its “thinking ahead” while processing multiple tasks. These predictions are based on data CPUs store in local memory, but Google Project Zero researchers found a way to access that information.
For example, if the system memory were a bank vault, hackers could slip in using a CPU’s key. In a Meltdown attack, hackers can break down the wall that separates each deposit box in the memory vault. After that, they can use a program to access all that information, even data used by the operating system.
Because this is a hardware issue, all processor companies are frantically working to patch this crack in the design foundation. Meltdown is the easier of the two to patch, through updates to motherboards, operating systems, and software drivers. Spectre, listed as CVE-2017-5753 and CVE-2017-5715, is harder to exploit, but harder to fix as well. This attack also breaks down the wall separating programs, but it does so by tricking these “error-free” programs into releasing their data. Apple addressed Spectre with its 10.13.2 supplemental update for High Sierra.
The Meltdown patch for macOS 10.12 Sierra and macOS 10.11 El Capitan arrives after Intel requested that manufacturers halt distribution of Meltdown updates. The company acknowledged an unusually high number of system reboots stemming from the updates, and currently has a new fix in the works for fourth- and fifth-generation Intel processors. The reboot issue remains unaddressed for all other Intel-based CPUs.
What is interesting about Apple’s trio of updates, outside the Meltdown fix, is that the company three times mentions Google Project Zero researcher Jann Horn, one of the individuals responsible for discovering the Meltdown and Spectre issues. Apple ties Horn to the Meltdown patch for Sierra and El Capitan, and also references him in connection with a pair of security issues patched in High Sierra: CVE-2018-4090 and CVE-2018-4093.
A search of the Common Vulnerabilities and Exposures database shows both security issues are listed as “reserved.” That means the problems have been fixed but have yet to be officially announced or publicly disclosed. The same holds true for CVE-2018-4082, patched in all three versions of macOS: a “reserved” security issue discovered by Russ Cox at Google.
In addition to all the kernel-based issues, Apple fixed a problem in High Sierra and Sierra related to audio, which allowed hackers to execute malicious code using an audio file. The company also addressed a memory corruption issue that enabled an application to execute arbitrary code using “deep” operating system privileges.