Apple has warned owners of its iPhones, iPads and computers that its devices are affected by a processor flaw known as “meltdown” and “spectre” which could leave them vulnerable to hackers.
Meltdown and Spectre flaws are found in all modern computer processing units made by Intel and ARM, which supply to almost the entire global computer market. Apple disclosed that iOS 11.2, MacOS 10.13.2 and tvOS 11.2 already defend against the Meltdown flaw. It plans to release fixes for its Safari browser over the coming days to help defend against the Spectre flaw.
On Tuesday, news broke that a newly discovered exploit in most modern processors could make your computer or phone vulnerable to attacks. Yesterday, Intel, Arm and others acknowledged their processors are affected by the flaws, known by the names Spectre and Meltdown.
Intel supplies chips for most of the world’s computers, including Apple’s Macs while Arm’s architecture is built into nearly every mobile processor, including chips designed by Apple for the iPhone and iPad.
Although, Mac users have often believed that their devices and operating systems are less vulnerable to security issues than android phones or computers running Microsoft systems, there is still no evidence that the flaws which affect computer processors built by Intel and ARM have been exploited by hackers, though companies including Microsoft have been working to provide fixes.
Apple said it had released updates for iOS, the software on its phones and tablets, macOS, which is used by its computers and tvOS for its television products.
“We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, MacOS, tvOS and watchOS,” Apple said in a blogpost.
Several researchers, including a member of Google’s Project Zero team, found that a design technique used in chips from Intel, Arm and others could allow hackers to access private data from the memory on your device that it shouldn’t be able to see. The problem impacts processors going back more than two decades and could let hackers access passwords, encryption keys or sensitive information open in applications.
The flaws aren’t unique to one particular chipmaker or device. Instead, they impact everything from phones to PCs and servers. The computing industry is scrambling to lessen the severity of the problem with updates to operating systems, web browsers, cloud-computing services and other foundations that need to be kept secure.
Intel on Thursday said that by the end of next week, it expects to have issued updates for more than 90 percent of its processors introduced within the past five years. The updates make computers “immune from both exploits,” Intel said.
Apple said it had already released some patches but there was no evidence that the vulnerability had been exploited, but it advised its customers to download software only from trusted sources to avoid “malicious” apps.
Google too has issues a statement informing users that its Android phones were protected it users had the latest security updates.
