Security Announcement: Meltdown and Spectre

James RidsdaleApple, Security Announcement

As you may have heard in the media, two speculative execution vulnerabilities have been discovered in both ARM-based and Intel CPUs.

What is Meltdown?

Meltdown (CVE-2017-5754) breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and therefore the secrets, of other programs and the operating system.

What is Spectre?

Spectre (CVE-2017-5753) breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of these practices actually increase the attack surface and may make applications more susceptible to Spectre.

How does this affect you?

At this moment in time, there is no known record of these exploits in the wild. All vendors have been working for some time on patches, and Apple has already released mitigations for Meltdown in iOS 11.2, macOS High Sierra 10.13.1+, macOS Sierra 10.12.6, OS X El Capitan 10.11.6, and tvOS 11.2.

Will this slow my device down?

With regards to Meltdown, testing with public benchmarks have shown that the changes released in the December 2017 updates resulted in no noticeable reduction in the performance of macOS and iOS. This was measured by the GeekBench 4 benchmark and also in common Web browsing benchmarks such as Speedometer, JetStream, and ARES-6.

With regards to Spectre, testing indicates the upcoming Safari mitigations will have no measurable impact on the Speedometer and ARES-6 tests, with an impact of less than 2.5% on the JetStream benchmark. We continue to develop and test further mitigations within the operating system for the Spectre techniques and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.

What are dataJAR doing about this?

Our internal team is working with our upstream providers to ensure our systems remain secure. Additionally, devices managed by will be patched as and when Apple releases further updates to their operating systems.

Further information

If you have an active support agreement with us and would like further information, please e-mail your question to our support team.