This may lead to unexpected behavior and data loss. Apple released security updates to address the Spectre and Meltdown vulnerabilities in the Intel processor line. These updates are now enabled by default. An updated kernel may resolve the state management issue. An updated Windows kernel resolves the DLL hijacking issue. An updated XNU kernel may resolve the privilege escalation issue. A new version of the iOS kernel (10.13) resolves the state management issue. An updated version of the macOS kernel (18G) resolves the DLL hijacking issue. An updated version of XNU (10.13) resolves the privilege escalation issue. An updated version of the Windows kernel (1809) resolves the DLL hijacking issue. An updated version of XNU (1809) resolves the privilege escalation issue. An updated version of the iOS kernel (12R) resolves the state management issue. An updated version of the macOS kernel (18M) resolves the DLL hijacking issue. An updated version of XNU (18M) resolves the privilege escalation issue. An updated version of the iOS kernel (12.1) resolves the state management issue. An updated version of XNU (12.1) resolves the privilege escalation issue.
Check if you are affected by Spectre and Meltdown
If you are using MacOS 10.13, you are not affected by the state management issue. If you are using iOS 12R, you are not affected by the state management issue.
Spectre And Meltdown Mitigation By Apple, Microsoft, and Others
Meltdown and Spectre are the result of a flaw in how Intel CPUs execute memory access instructions. This flaw allows for data to be accessed from unprivileged processor states.
Spectre is a class of side-channel attack that exploits speculative execution. Meltdown is similar, with the exception of being a class of side-channel attack on cache memory accesses. These attacks allow malicious programs to steal sensitive information from other running programs. The original attacks affected Intel chipsets and were discovered by researchers at Google Project Zero (GPZ).
The vulnerability was discovered by security researchers at Graz University of Technology in Austria, who reported it to GPZ in June 2018. After months of speculation, news articles surfaced in December 2018 stating that Apple and Microsoft were aware of the issue and that it would be dealt with in their respective operating systems through software updates later that month.
XNU kernel state management issue
Apple released security updates to address the Spectre and Meltdown vulnerabilities in the Intel processor line. These updates are now enabled by default. An updated kernel may resolve the state management issue. A new version of the iOS kernel (10.13) resolves the state management issue.
Other changes in iOS 12.1
Apple has released the latest version of iOS 12.1 for all supported devices, with the following changes:
- A fix for a state management issue in the kernel that may lead to unexpected behavior and data loss.
- A fix for a DLL hijacking issue in the kernel that may lead to unintended behaviors.
- A fix for a privilege escalation issue in XNU that may allow an application or group of applications running as root.
Check for the latest version of iOS, macOS, Windows and XNU
If you are using an Apple device and have updated the OS to 10.13, you're not affected by this issue. If you are using a macOS or Windows system, or if you're running iOS 12.1, the issue is not present in these systems.
Timeline
Published on: 03/18/2022 18:15:00 UTC
Last modified on: 03/25/2022 20:04:00 UTC