You've probably heard by now. MS, Linix, Apple all 'cooperating with Intel to find a fix/patch... since November? [rolleyes2]Intel's response (https://newsroom.intel.com/news/intel-responds-to-security-research-findings/)
Ars technica story and interesting comments (https://arstechnica.com/gadgets/2018/01/whats-behind-the-intel-design-flaw-forcing-numerous-patches/)
Dear X-Air and WeatherCat concerned Netizens,
You've probably heard by now. MS, Linix, Apple all 'cooperating with Intel to find a fix/patch... since November? [rolleyes2]Ars technica story and interesting comments (https://arstechnica.com/gadgets/2018/01/whats-behind-the-intel-design-flaw-forcing-numerous-patches/)
Thanks for posting ArsTechnica link. It was a little heady, but there was enough there to understand what the problem is. Sadly, it looks like Intel really goofed badly for these researchers to be able get their hands on kernel data. The suggested patches look really clumsy and inefficient. I'm sure Intel will try to escape, but this looks to me like a monster of a class-action lawsuit in the making.
Oh well, . . . . . . Edouard
iOS 11.2.2
Released January 8, 2018
Available for: iPhone 5s and later, iPad Air and later, and iPod touch 6th generation
Description: iOS 11.2.2 includes security improvements to Safari and WebKit to mitigate the effects of Spectre (CVE-2017-5753 and CVE-2017-5715).
https://support.apple.com/en-us/HT208401 (https://support.apple.com/en-us/HT208401)
Note that this update only "mitigates the effects of Spectre [emphasis added]".
Another sources remarks (https://nakedsecurity.sophos.com/2018/01/09/apple-issues-spectre-fix-with-ios-11-2-2-update/), once again, pointing out the problems of allowing javascript to run on your hardware. "...The two Spectre vulnerabilities can be triggered via Javascript running in a web browser..." [rolleyes2]