Apple has published a list of Macs still exposed to "ZombieLoad" exploits because they can't be patched.
The older machines ̵
1; all made before 2011 – can receive security updates, Apple says. But a real solution will not be available because Intel will not release necessary microcode updates.
The exploitation of ZombieLoad utilizes a newly discovered vulnerability in all Intel processors released since 2011. It allows attackers to acquire sensitive data temporarily stored on the chip.
Fixing the problem is complicated. Apple has already rolled out patches that reduce the problem, but users who use a full repair can get a performance reduction of up to 40%.
Some Mac users do not get a proper solution at all, Apple has warned.  Older Macs Still Vulnerable to ZombieLoad
A number of Mac models released before 2011 may remain vulnerable to ZombieLoad and similar exploits, Apple has warned. These include:
- MacBook (13-inch, late 2009)
- MacBook Air (11-inch, mid-2010)
- MacBook Air Sent 2010)
- MacBook Pro (17-inch, mid-2010 )
- MacBook Pro (15-inch, mid-2010)
- MacBook Pro (13-inch, mid-2010)
- iMac, Late 2009)
- iMac (27-inch, Late 2009)  iMac (21.5 inch, mid 2010)
- iMac (27 inch, mid 2010)
- Mac mini 19659012] Mac Pro (late 2010)
ZombieLoad itself won't work on these machines because they use older Intel chips. But they may be vulnerable to similar "speculative execution issues," Apple says, and only so much Cupertino can do about it.
Intel won't fix older processors
"These models can receive security updates in MacOS Mojave, High Sierra or Sierra," Apple explains in a new support document. But they are "unable to support the repairs and limitations due to the lack of microcode updates from Intel."
You shouldn't be too worried, though. Even on newer Macs, ZombieLoad and similar exploits are unlikely to affect many users.
But this is another big reason why Apple is rumored to be developing its own chips for Mac. Relying on third parties leads to all sorts of problems that Apple often doesn't have control over.