Published: Sat, January 06, 2018
Science | By Eileen Rhodes

Apple says all Macs and iOS devices affected by chip flaws

Apple says all Macs and iOS devices affected by chip flaws

The issues affect billions of devices worldwide, and Spectre is particularly hard to mitigate, according to the researchers.

Some experts say that to completely get rid of the risks created by the flaws, the affected processors need to be replaced entirely. Spectre, which covers two of them, was discovered in chips made by Intel, AMD and ARM, while Meltdown affects Intel products and a recent ARM processor.

Still, if some level of threat from Spectre exists, AMD chips merit inclusion.

Huawei issued a statement saying it has started an "analysis and investigation" of the situation and has communicated with the related suppliers.

The company says that is "has developed and is rapidly issuing updates for all types of Intel-based computer systems", but it is not clear when - or whether - older devices will be treated to patches.

Intel said it does not expect users to experience any performance issues.

Current updates to macOS and iOS protect against Meltdown, and Apple is working on providing better protections against Spectre.

However, there are now no known attacks that have exploited these flaws, according to the Google researchers. "We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS and watchOS", Apple added.

More news: Win Big: Mega Millions numbers drawn for $450 million jackpot

Google said its Android phones were protected if users had the latest security updates. It said that there were no known instances of hackers taking advantage of the flaw to date.

And the problem might affect nearly all of the devices around the world. Home users running light tasks - even playing up-to-date games - should be much less affected.

Apple says all its Mac and iOS products are affected, with the exception of the Apple watch.

The company reminded users to only download software from "trusted sources such as its App Store", since exploiting the flaws would require having a malicious app loaded onto the device.

The National Cyber Security Centre, a part of GCHQ, said the major cloud service providers were installing fixes on their own platforms but separate updates would be needed on the operating systems of any virtual machines.

Google said in a blog post on its security blog that it shared a new fix, called Retpoline with its partners which fixes one of the Spectre vulnerabilities (CVE-2017-5715).

Researchers first announced the two flaws affecting virtually all computer processors on Wednesday.

As the world absorbed the news that chips on practically every device made in the last decade are vulnerable to Spectre and Meltdown, the only tech giant staying quiet was Apple.

Like this: