SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

Apple Supplements macOS Security Update to Address Wide-Reaching Flaw

Posted on May 16, 2018

Only a few weeks after the recent release of macOS High Sierra 10.13.4, Apple has amended the update by publishing an additional fix under this version number. Addressing a new flaw described as “serious” by the security community, the supplemental version of 10.13.4 addresses a problem in Intel CPUs discovered near the end of April that affects a broad number of devices, including Windows and Linux machines. However, unlike the Spectre and Meltdown flaws that caused much concern due to their so-called “unpatchable” nature, there is a way to address this problem.

What’s the issue? The bug concerns a process called “exception handling” which is one of the most basic and vital functions of modern processors. When the CPU detects anomalous conditions such as an instruction for the CPU that causes a problem or could yield a potential error, that instruction gets flagged as an exception. The CPU puts a pause on the exception, runs the good instructions waiting in line behind it, and then looks for a way to handle the exception when free cycles become available.

However, in this particular case, exceptions involving specific sets of instructions (such as a “stack switch”), can fool the CPU into allowing them to run before identifying their nature. In other words, it’s a way to bypass one of the most important safeguards to ensure proper processor operation. An attacker who develops an exploit to use this flaw could then potentially escalate their privileges to be able to run arbitrary code with full access or to crash the system.

The good news, however, is that an attacker would need physical access and a guest login to the machine to be able to run software capable of exploiting the flaw. Remote execution, in this case, is not possible and therefore not a concern. Despite the rare chance that you might encounter this problem at all, it remains a good idea to refresh your version of macOS to ensure you have the full benefits of all the most recent security updates for your Mac.

Join our mailing list for the latest security news and deals