14 DAY TRIAL // Apple published today a new support document about the security content of the macOS High Sierra 10.13.3 software update released earlier today, along with new security updates for macOS Sierra and El Capitan.
Two major security vulnerabilities have been unearthed earlier this month, dubbed Spectre and Meltdown, discovered to affect billions of devices, including Macs. Apple already patched the Meltdown security vulnerability with last year's macOS High Sierra 10.13.2.
But Spectre patches were released with a macOS High Sierra 10.13.2 Supplemental Update a week later. However, these security fixes to mitigate Meltdown and Spectre weren't available for older macOS versions, such as Sierra and El Capitan, which Apple still supports.
That changes today, as Apple has backported the Spectre and Meltdown security fixes from macOS High Sierra 10.13 to both macOS Sierra 10.12.6 and Mac OS X El Capitan 10.11.6 systems, urging users to update their installations as soon as possible.
"Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache," reads today's security advisory.
Several other security fixes were ported to Sierra and El Capitan
The document also shows us that Apple managed to port several other security fixes for various vulnerabilities, including a Wi-Fi bug, some kernel issues, a QuartzCore flaw, a LinkPresentation bug, an audio bug, and an IOHIDFamily vulnerability, to the macOS Sierra 10.2.6 and Mac OS X El Capitan 10.11.6 operating systems.
Those who can't or won't upgrade their Macs to the latest macOS High Sierra 10.13.3 software update, can now install the Security Update 2018-001 for macOS Sierra 10.2.6, and Security Update 2018-001 for Mac OS X El Capitan 10.11.6. All users are urged to update their Macs at their earliest convenience.