Published: Tue, January 09, 2018
Hi-Tech | By Cory Rios

Who's affected by Intel computer chip security flaw

Who's affected by Intel computer chip security flaw

When the news broke last week of two side-channel attacks - Spectre and Meltdown - Apple stated that it had already released mitigations for Meltdown in iOS 11.2, macOS 10.13.2, and tvOS 11.2, and that fixes for Spectre would follow.

Technology companies are scrambling to fix serious security flaws affecting computer processors built by Intel and other chipmakers and found in numerous world's personal computers and smartphones. Google disclosed the existence of these CPU flaws last week. One variant of Spectre could be exploited through web browsers, which is why Apple issued fixes for Safari.

iOS 11.2.2 and a supplemental update for macOS High Sierra 10.13.2 have been released with that exact aim in mind. The software update highlights security improvements and Apple "recommends for all users".

As is typical, Apple provides few details beyond making it clear which vulnerabilities are targeted, but the firm does thank the researchers responsible for finding the bugs, including Jann Horn of Google Project Zero, in the release notes.

Meltdown and Spectre benchmark
Image Courtesy

Although companies continue to roll out fixes, experts say hackers may soon attempt to exploit the flaws on devices that haven't been updated. Intel said its chips, which power Macs and devices from other manufacturers, contain the flaw as well as processors based on ARM Holdings architecture, which is used in iOS devices and Android smartphones. The Meltdown vulnerability is specific to Intel, but the company said that it would work with rivals AMD and ARM to resolve another fault that also affects them, called Spectre.

In a post on the company's website Wednesday, AMD said that one variant of the Spectre vulnerability was resolved by software and operating system updates.

iPhone and iPad users are urged to update their software immediately via the device's General Settings section. The good news is there is no bad news yet about hackers having exploited the processor flaws thus far.

More news: Toyota unveils customisable self-driving e-Palette vehicle

Like this: