Apple previously released security updates to defend against Spectre—a series of speculative execution vulnerabilities affecting devices with ARM-based and Intel CPUs. Intel has disclosed additional Spectre vulnerabilities, called Microarchitectural Data Sampling (MDS), that apply to desktop and notebook computers with Intel CPUs, including all modern Mac computers.
macOS Mojave 10.14.5 includes security updates for Safari, and the option to enable full mitigation, as described below.
Unsupported Macs supported by ‘Patched Sur’ First of all, make sure that your Mac is not in the official macOS Big Sur list of compatible Macs.At the time of writing, the following Macs are.
How to Install macOS Catalina on Unsupported Mac After checking your Mac, if your Mac is in the unsupported list, you can install macOS Catalina slightly without this tool and steps. If your Mac is unsupported follow the steps below. Once the tool is there, open it. Your machine will restart and you should now be able to boot from the Mac OS 9 For Unsupported G4’s CD from MacOS9Lives.com. Any data stored in the NVRAM will be erased if the machine loses power (e.g. The main power cable is disconnected from a wall outlet/power adapter, or has a flat battery.
Security Update 2019-003 High Sierra and Security Update 2019-003 Sierra include the option to enable full mitigation.
About security fixes in macOS Mojave
macOS Mojave 10.14.5 fixes this issue for Safari with no measurable performance impact.1 This update prevents exploitation of these vulnerabilities via JavaScript or as a result of navigating to a malicious website in Safari.
Customers can also protect their Mac by updating security settings in macOS to download apps only from the App Store. This setting helps prevent the installation of apps that could potentially exploit these vulnerabilities. All apps from the App Store are signed by Apple to ensure that they haven’t been tampered with or altered. Learn how to view and change app security settings on your Mac.
Although there are no known exploits affecting customers at the time of this writing, customers with computers at heightened risk or who run untrusted software on their Mac can optionally enable full mitigation to prevent harmful apps from exploiting these vulnerabilities. Full mitigation requires using the Terminal app to enable an additional CPU instruction and disable hyper-threading processing technology. This capability is available for macOS Mojave, High Sierra, and Sierra in the latest security updates and may reduce performance by up to 40 percent2, with the most impact on intensive computing tasks that are highly multithreaded. Learn how to enable full mitigation.
Unsupported Mac models
These Mac models may receive security updates in macOS Mojave, High Sierra or Sierra, but are unable to support the fixes and mitigations due to a lack of microcode updates from Intel.
- MacBook (13-inch, Late 2009)
- MacBook (13-inch, Mid 2010)
- MacBook Air (13-inch, Late 2010)
- MacBook Air (11-inch, Late 2010)
- MacBook Pro (17-inch, Mid 2010)
- MacBook Pro (15-inch, Mid 2010)
- MacBook Pro (13-inch, Mid 2010)
- iMac (21.5-inch, Late 2009)
- iMac (27-inch, Late 2009)
- iMac (21.5-inch, Mid 2010)
- iMac (27-inch, Mid 2010)
- Mac mini (Mid 2010)
- Mac Pro (Mid 2010)
- Mac Pro (Mid 2012)
1 Safari performance: Testing conducted by Apple in May 2019 showed that these updates resulted in no measurable reduction in Safari performance using common Web browsing benchmarks such as Speedometer, JetStream, and MotionMark.
Big Sur For Unsupported Macs
2 macOS performance: Testing conducted by Apple in May 2019 showed as much as a 40% reduction in performance with tests that include multithreaded workloads and public benchmarks. Performance tests are conducted using specific Mac computers. Actual results will vary based on model, configuration, usage, and other factors.