Apple may be not provided ZombieLoad vulnerability patch for some Macs

Several Macs before 2011 may still be vulnerable to security attacks like “ZombieLoad,” and Apple can’t solve the problem because Intel won’t post the necessary microcode updates. Although the “ZombieLoad” vulnerability itself does not affect these machines, due to the specific attack vector, Apple can’t completely fix other such “speculative execution vulnerabilities” without Intel’s help.

The “ZombieLoad” vulnerability affects all Intel processors since 2011, and Apple’s latest support documentation lists only the Mac models that were previously susceptible to similar issues.  Apple said in its new support document:

“These models may receive security updates in macOS Mojave, High Sierra or Sierra, but are unable to support the fixes and mitigations due to a lack of microcode updates from Intel.”

These Mac models are as follows:

• MacBook (13-inch, Late 2009)
• MacBook (13-inch, Mid 2010)
• MacBook Air (13-inch, Late 2010)
• MacBook Air (11-inch, Late 2010)
• MacBook Pro (17-inch, Mid 2010)
• MacBook Pro (15-inch, Mid 2010)
• MacBook Pro (13-inch, Mid 2010)
• iMac (21.5-inch, Late 2009)
• iMac (27-inch, Late 2009)
• iMac (21.5-inch, Mid 2010)
• iMac (27-inch, Mid 2010)
• Mac mini (Mid 2010)

Via: appleinsider