“Apple has confirmed that all Macs, iPhones, iPads and other devices (bar Apple Watch) are vulnerable to the newly-revealed Spectre and Meltdown Intel, ARM and AMD processor vulnerabilities,” Jonny Evans writes for Computerworld. “Both Meltdown and Spectre take advantage of speculative execution to access privileged memory — including kernel memory — from a less-privileged user process such as a malicious app running on a device. In other words, it’s possible to use these exploits to get your data.”
“Though Apple and others in the industry all say this is very challenging and say that no known instances of use of these flaws have been seen. Yet,” Evans writes. “Apple says all its devices are vulnerable to the bugs, though Apple Watch is not susceptible to Meltdown.”
“The consequences of these revelations will reverberate for a while, I fear,” Evans writes. “The challenge exists not just in modern but also in older systems, and with millions of those still in use it seems inevitable hackers will create exploits to attack less secure devices… Here’s what you can do to protect yourself…”
Read more in the full article here.
MacDailyNews Take: Good luck, everyone!
The big question is where is performance negatively impacted by these software bandaids and by how much? For that, we wait for research from independent parties.
CERT: The only way to fix the Meltdown and Spectre vulnerabilities is to replace the CPU. Intel et al. are going to try to sell us on a software bandaid instead of really fixing the problem properly. Watch and see. https://t.co/OeC2AoPdlK #Intel #AMD #ARM
— MacDailyNews (@MacDailyNews) January 4, 2018
Apple: All Mac systems and iOS devices are affected by Meltdown and Spectre security flaws – January 4, 2018
ARM security update suggests some iPhones, iPads, iPods and Apple TVs may be affected by CPU bug – January 4, 2018
Intel’s CEO Brian Krzanich sold off the majority of his shares after finding out about the irreparable chip flaws – January 4, 2018
CERT: Only way to fix Meltdown and Spectre vulnerabilities is to replace CPU – January 4, 2018
Security flaws put nearly every modern computing device containing chips from Intel, AMD and ARM at risk – January 4, 2018
Apple has already partially implemented fix in macOS for ‘KPTI’ Intel CPU security flaw – January 3, 2018
Intel’s massive chip flaw could hit Mac where it hurts – January 3, 2018