Apple Releases Security Updates in macOS 10.14.5 to Protect Vulnerabilities in Intel CPUs

Yesterday, it was reported that security researchers have discovered a new round of security flaws affecting Intel CPUs which, if exploited, can be used to steal sensitive information, such as passwords, directly from the processor.

Although Intel has already released microcode to patch vulnerable processors, Apple rolled out security updates in macOS Mojave 10.14.5 to protect against speculative execution vulnerabilities in Intel chips, with a new support document detailing the changes (via Reddit).


According to Apple, macOS 10.14.5 includes security updates for Safari, and the option to enable full mitigation. The update prevents exploitation of vulnerabilities via JavaScript or as a result of navigating to a malicious website in Safari. Apple also notes that issues addressed by the updates do not affect iOS devices or the Apple Watch.

Full mitigation requires using the Terminal app to enable an additional CPU instruction and disable hyper-threading processing technology. This capability is available for macOS Mojave, High Sierra, and Sierra in the latest security updates and may reduce performance by up to 40 percent2, with the most impact on intensive computing tasks that are highly multithreaded.

Apple has also rolled out Security Update 2019-003 High Sierra and Security Update 2019-003 Sierra which include the option to enable full mitigation.

The support document also has listed Mac models that are “unable to support the fixes and mitigations due to a lack of microcode updates from Intel,” says Apple:

  • MacBook (13-inch, Late 2009)
  • MacBook (13-inch, Mid 2010)
  • MacBook Air (13-inch, Late 2010)
  • MacBook Air (11-inch, Late 2010)
  • MacBook Pro (17-inch, Mid 2010)
  • MacBook Pro (15-inch, Mid 2010)
  • MacBook Pro (13-inch, Mid 2010)
  • iMac (21.5-inch, Late 2009)
  • iMac (27-inch, Late 2009)
  • iMac (21.5-inch, Mid 2010)
  • iMac (27-inch, Mid 2010)
  • Mac mini (Mid 2010)
  • Mac Pro (Late 2010)

To learn how to enable full mitigation, hit up this link.