Apple has issued more patches for the Meltdown and Spectre vulnerability that is affecting just about every computer processor made in the last 20 years or so.
The bug was discovered in June last year and everyone has been scrambling to issue updates and fixes to mitigate the vulnerability. Of the two, Meltdown can easily be fixed, and has been fixed in the major computing platforms. Spectre is a bug that’s harder to exploit but also almost impossible to fix on existing hardware. Apple appears to have already patched out Meltdown in previous operating system updates. If you’re on iOS 11.2, macOS 10.13.2 and tvOS 11.2, you’ve already been secured against Meltdown.
Since Spectre is impossible to fix, current solutions revolve around patching known exploits of the vulnerability. The recently released iOS updates address some of these exploits and specifically relate to a browser-based exploit.
Taking advantage of Spectre, a hacker could, in theory, compromise your protected data via Safari, Firefox, Chrome, or any other modern browser.
Apple’s updates, which come in the form of iOS 11.2.2, macOS High Sierra 10.13.2 Supplemental Update and Safari 11.0.2, are specifically designed to prevent exploits via Safari, among other things.
iOS 11.2.2 is available for iPhone 5s and later, iPad Air and later and for the 6th generation iPod Touch. This update primarily patches Safari and its rendering engine.
macOS 10.13.2 Supplemental Update is available for devices running macOS 10.13.2. If you update to this version, you will not need to update Safari separately.
Safari 11.0.2 has been issued as a separate update as well to support older hardware and operating systems. The update is available for devices running OS X El Capitan 10.11.6 and macOS Sierra 10.12.6.