Vulnerabilities Found in Most Processors Put Your Data at Risk

Pablo Tucker
January 12, 2018

Most Intel processors and some ARM chips are confirmed to be vulnerable, putting billions of devices at risk of attacks. In short, the number of affected Apple products is huge, and the company doesn't yet have fixes ready for all of them, but it's working on them - there's no need to worry.

The researchers at Google showed how a hacker could exploit the flaw to get passwords, encryption codes and more, even though there have been no reports of any attacks using the vulnerability.

The Spectre flaw affects most modern processors, including Intel, AMD and those designed by ARM. The company said it will be issuing updates for Safari on MacOS and iOS in the coming days, to guard against any potential exploit in JavaScript on the web browser.

Sound advice, and we have several tips of our own, when you have a spare moment (they're outlined here). All of these have security tweaks in place to protect users against Meltdown, which for the time being seems to only affect Intel processors. AMD chips are also common in PCs, while ARM chips are found in many smartphones and other internet-connected products, including cars and home appliances.

This certainly isn't unique to Apple systems and devices, however, so Apple-specific criticism surrounding these flaws is short-sighted and unwarranted.

Apple Watch is not affected by the Meltdown flaw, the company said.

Computer chipmaking giant Intel-the focus of the first reports on the flaw-said the company and its partners "have made significant progress in deploying updates" to mitigate any threats.

Companies such as Google, Microsoft, Amazon, and Citrix have all issued advisories for users of their cloud services on how to best protect themselves from these attacks.

CPUs can leak data when unwinding unused speculative execution paths.

Proofpoint cybersecurity strategy vice-president Ryan Kalember said there was no "immediate fix" available for Spectre, but consumers should simply ensure they installed the latest software updates on their devices and did not download unauthorised programs.

Unfortunately, there are tens if not hundreds of millions of older Apple devices in the marketplace that can't run Apple's latest operating systems and browsers, and it's unclear what Apple will do to secure them.

The Meltdown and Spectre exploits take advantage of speculative execution by accessing "privileged" memory from a less-privileged source.

The vulnerabilities affect the microprocessors in the majority of the world's computers, including mobile devices and cloud networks, and can allow hackers to access the entire contents of a computer's memory.

But while updates should protect most users against one of the vulnerabilities, dubbed Meltdown, the second one, Spectre, is proving trickier to tackle.

Other reports by iNewsToday