Published on January 4th, 2018 | by Kirk Hiner1
Apple: tvOS 11.2 update addresses “meltdown” vulnerability
Reports surfaced this week of two security vulnerabilities—Meltdown and Spectre—that affect nearly all modern operating systems. Apple today released a support document stating that they’ve already addressed Meltdown. For Apple TV users, the problem was tackled with the tvOS 11.2 update.
Apple explains the two vulnerabilities in their support document:
The Meltdown and Spectre issues take advantage of a modern CPU performance feature called speculative execution. Speculative execution improves speed by operating on multiple instructions at once—possibly in a different order than when they entered the CPU. To increase performance, the CPU predicts which path of a branch is most likely to be taken, and will speculatively continue execution down that path even before the branch is completed. If the prediction was wrong, this speculative execution is rolled back in a way that is intended to be invisible to software.
The Meltdown and Spectre exploitation techniques abuse speculative execution to access privileged memory—including that of the kernel—from a less-privileged user process such as a malicious app running on a device.
Apple released mitigations for Meltdown in iOS 11.2, macOS 10.13.2, and tvOS 11.2. watchOS did not require mitigation. Our testing with public benchmarks has shown that the changes in the December 2017 updates resulted in no measurable reduction in the performance of macOS and iOS as measured by the GeekBench 4 benchmark, or in common Web browsing benchmarks such as Speedometer, JetStream, and ARES-6.
You can read the entire support document at support.apple.com, or just rest easy knowing that your Apple TV is already in good shape if you’ve updated to tvOS 11.2.