TechCrunch reported on Tuesday that security researches have discovered another processor level exploit called “ZombieLoad” which affects almost all Intel processors released since 2011, including those used in Apple Devices. This is similar to the “Spectre” and “Meltdown” exploits of 2018.
Thankfully Apple, Microsoft, and various Linux distributions have already released patches for the exploit.
It is recommended that all macOS users running Mojave update to 10.14.5 as soon as possible, and those running macOS Sierra or macOS High Sierra install the Security Update 2019-003. All should be available from the App Store.
For those who use their Macs in more sensitive environments, unfortunately there is some bad news. The patches in both macOS 10.14.5 and the Security Update 2019-003 do not provide full protection for the “ZombieLoad” MDS exploit, as Apple states there could be up to a 40% performance hit.
You can manually enable the full mitigation of the “ZombieLoad” exploit by following the instructions in Apple’s knowledgeable article “How to Enable Full Mitigation for Microarchitectural Data Sampling (MDS) Vulnerabilities”.
- Turn on or restart your Mac and immediately press and hold Command (⌘)-R or one of the other macOS Recovery key combinations on your keyboard.
- From the Utilities menu in the menu bar, choose Terminal.
- Type the following two commands, one at a time, at the Terminal prompt. Press Return after each one.
- From the Apple menu , choose Restart.