Skip to content
Thoughtful, detailed coverage of everything Apple for 34 years
and the TidBITS Content Network for Apple professionals
Photo of creepy hands reaching around trees

Image by Simon Wijers from Pixabay


Apple Patches ZombieLoad Vulnerabilities

Over at TechCrunch, Zack Whittaker describes ZombieLoad, a new class of speculative execution security vulnerabilities in Intel chips that could allow malicious code to see data owned by other apps within the processor. A proof-of-concept video shows how the vulnerabilities could allow an attacker to see what Web sites the user is visiting in real-time. Nearly all computers with Intel chips dating back to 2011 and possibly farther are vulnerable, including Macs.

That said, most Mac users have little to worry about. We have seen no reports of exploits based on ZombieLoad, and the vulnerabilities are reportedly non-trivial to use in an attack.

More importantly, Apple included fixes for ZombieLoad in the just-released macOS 10.14.5 and Security Update 2019-003 for Sierra and High Sierra. These fixes have no measurable performance impact but provide only partial mitigation of the ZombieLoad bugs. For users in extremely sensitive situations, Apple has published instructions for full mitigation, but implementing them could reduce performance by up to 40% due to the loss of hyper-threading. Also, Apple provides a list of Macs from 2009 and 2010 that can install the security updates but don’t support the fixes due to a lack of microcode updates from Intel.

The practical upshot is that everyone should install macOS 10.14.5 or Security Update 2019-003 sooner rather than later. The likelihood of a ZombieLoad-enabled attack happening soon is low, but this situation illustrates why it’s crucial to stay up to date with Apple’s operating system and security updates.

We also have to imagine that situations like this are informing Apple’s thinking about possibly replacing Intel CPUs in Macs with Apple’s own ARM-based chips. If nothing else, Macs built around non-Intel chips might be even less of a target than they are now.

Subscribe today so you don’t miss any TidBITS articles!

Every week you’ll get tech tips, in-depth reviews, and insightful news analysis for discerning Apple users. For over 33 years, we’ve published professional, member-supported tech journalism that makes you smarter.

Registration confirmation will be emailed to you.

This site is protected by reCAPTCHA. The Google Privacy Policy and Terms of Service apply.

Comments About Apple Patches ZombieLoad Vulnerabilities

Notable Replies

  1. Has anyone gotten the advisory from Apple that is discussed in the article?

    New security flaw found in Intel chips

    A new security flaw in Intel chips is embedded in the architecture of computer hardware and can’t be fully fixed; it could affect millions of devices.

  2. We also have to imagine that situations like this are informing Apple’s thinking about possibly replacing Intel CPUs in Macs with Apple’s own ARM-based chips.

    The loss of functionality that would result from Apple leaving Intel’s CISC based CPUs and returning to RISC CPUs is profoundly prohibitive. AFAIAC this debate has been extensively thrashed out and is over. I wish we’d all drop this unrealistic rumor/speculation.

  3. It actually goes way back before the “2011 and later” machines that are spoken about. Intel chips apparently have had hyperthreading going back to some late Pentium chips. My cMP of 2010 with a 6 core Westmere say NOTHING about Hyperthreading in the System report but it DOES have Hyperthreading. What I have read is that there is NO SOLUTION for my machine, it isn’t coming from Apple, and it sure isn’t coming from Intel. The forced OS update does NOT address this, it seems the ONLY option is to severely restrict performance by close to half.

    That being said, I suspect the general vulnerability is most likely quite low. Of all the potential warning systems, I like Snitch the best, so it is always kept up to date. I have weekly clones AND a Time Machine backup. So I think I am reasonably protected. What I suspect is this is just more sauce for the goose to close down the OS even further, I see the day when the file system is shut off from us (it’s coming as they work to make the desktop OS into iOS). Makes me quite sad…

Join the discussion in the TidBITS Discourse forum


Avatar for ace Avatar for alvarnell Avatar for david_tuma Avatar for tidbits41 Avatar for derekcurrie