MacOS is yet to have a patch for 10.12.6 (Sierra) to resolve this.

K0nserv · on Jan 9, 2018

It is patched on Sierra, this was part of the 2017-002[0] security update on the 6th of December.

0: https://support.apple.com/en-gb/HT208331

ridgeguy · on Jan 10, 2018

That link shows Meltdown in reference only to High Sierra, not Sierra. What am I missing?

K0nserv · on Jan 10, 2018

You're right, can't believe I missed that.

Edit: See the archive[0] apparently I'm not going mad and it used to say that the patch was applied to Sierra and El Capitan, but Apple has since changed that.

0: https://web.archive.org/web/20180105102220/https://support.a...

ridgeguy · on Jan 11, 2018

Thanks. I thought I was going nuts, too.

devy · on Jan 9, 2018

Did you get the PoC built on macOS? I can't get it built on El Capitan.

Acen · on Jan 9, 2018

Not any of the PoC. There are repositories around the internet building and working successfully though. E.g. Spectre exploit example https://github.com/ixtal23/spectreScope

sehugg · on Jan 9, 2018

FWIW, that PoC (reading user memory only) still works on 10.13.2 even after the patch is applied.

K0nserv · on Jan 9, 2018

The KAISER[0] fix which is what has been patched by OSes for Meltdown only resolves full physical memory and kernel memory access. You can still use Meltdown techniques to read arbitrary memory in your process, but this seems expected.

0: https://en.wikipedia.org/wiki/Kernel_page-table_isolation

lewapkon · on Jan 9, 2018

You mean 10.12.6

Acen · on Jan 9, 2018

Ah yes, thanks.