Vulnerabilities could allow a hacker to steal your passwords and other sensitive information. While many companies have rushed to patch against Meltdown, which specifically affects Intel chips and lets hackers access the memory of apps being used by an operating system, Spectre is more stubborn. The flaws affect modern processors including Intel, AMD and ARM that use “speculative execution” to enhance performance.
Fixing the problems will slow a computer’s performance, experts say, especially on devices more than five years old.
Major software makers have not issued patches to protect against the second vulnerability, dubbed Spectre, which affects almost all computer chips made in the last decade. The flaw was thought to be much harder to fix, if fixable at all.
“A Cisco product that may be deployed as a virtual machine or container, even while not being directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable”, the company advised, adding that it would release software updates to combat that prospect. The flaw allows hackers to take info from programs that shouldn’t be visible outside that program.
“All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time”, Apple – whose devices are usually regarded as secure – said in a post on an online support page on Thursday. Meltdown has been addressed with software patches issued by Microsoft and Apple, as well as several browser manufacturers.
The company has said that it will release a patch to protect its browser, Safari, against Spectre. You can also go to the settings app on the phone, tap About Device and then tap System Updates to see if an update is available.
Update: Apple Watch is unaffected by both Meltdown and Spectre.
Fixes: Released for Android, Google Cloud, and pending for Chrome.
Soon after the chip flaws were disclosed on Wednesday, Google and Microsoft told users which of their products were affected.
Consumers can mitigate the underlying vulnerability by making sure they patch up their operating systems with the latest software upgrades. Google released those changes to its Android partners last month.
Apple products will automatically update themselves, or at least prompt users to update them. The issue was discovered by Google and academic researchers previous year, and they had been working with the tech firms to try to put a fix in place before releasing any information on the problem.
“We also collaborated with hardware and software manufacturers across the industry to help protect their users and the broader web”, Sloss explained. Apple remained silent for more than a day about the fate of the hundreds of millions of users of its iPhones and iPads.