
macOS Meltdown Patch in 10.13.2 was also in El Capitan & Sierra Security Updates - miles
Apple just updated <i>About the security content of macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan</i>[0] with the following additional information:<p>&gt; Kernel<p>&gt; Available for: macOS High Sierra 10.13.1, macOS Sierra 10.12.6, OS X El Capitan 10.11.6<p>&gt; Impact: An application may be able to read kernel memory<p>&gt; Description: Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.<p>&gt; CVE-2017-5754: Jann Horn of Google Project Zero, Werner Haas and Thomas Prescher of Cyberus Technology GmbH, and Daniel Gruss, Moritz Lipp, Stefan Mangard and Michael Schwarz from Graz University of Technology<p>&gt; Entry added January 4, 2018<p>[0] https:&#x2F;&#x2F;support.apple.com&#x2F;en-us&#x2F;HT208331
======
miles
Since posting this 18 hours ago, Apple has changed the text yet again[0] to
apparently indicate that the fix was NOT included in El Capitan and Sierra
Security Updates:

> Kernel

> Available for: macOS High Sierra 10.13.1

> Impact: An application may be able to read kernel memory

> Description: Systems with microprocessors utilizing speculative execution
> and indirect branch prediction may allow unauthorized disclosure of
> information to an attacker with local user access via a side-channel
> analysis of the data cache.

> CVE-2017-5754: Jann Horn of Google Project Zero, Werner Haas and Thomas
> Prescher of Cyberus Technology GmbH, and Daniel Gruss, Moritz Lipp, Stefan
> Mangard and Michael Schwarz from Graz University of Technology

> Entry updated January 5, 2018

[0]
[https://news.ycombinator.com/item?id=16081146](https://news.ycombinator.com/item?id=16081146)

