Meltdown And Spectre: Intel, Apple, And Others Issuing Updates

The recent reveal of two unprecedented security flaws has caused a number of computing companies to quickly react.

Meltdown and Spectre, the recently revealed security flaws which affect microprocessors in “virtually all” modern computers, can conceivably allow hackers to “steal the entire memory contents” of those computers. But major companies are issuing updates that hope to stop problems before they start.

Intel

Intel’s chips are affected by both flaws — and are specifically affected by Meltdown — and the company has already been issuing updates. In a press release, Intel claims that it “has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years.”

An earlier Intel release included findings from Apple, Microsoft, Amazon, and Google, with all noting that security patches have not affected real world computing performance drastically, as was a concern.

Apple

Speaking of Apple, the company has issued its own support document about the security flaws, and it’s drawn a lot of attention, as Apple acknowledges that “all Mac systems and iOS devices are affected.”

This certainly isn’t unique to Apple systems and devices, however, so Apple-specific criticism surrounding these flaws is short-sighted and unwarranted. Apple notes that many exploits come from downloading malicious apps, so — as is standard with Apple products, anyway — Apple recommends only downloading apps from its official App Store.

As for the company’s plans moving forward, the document notes that “Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown. In the coming days we plan to release mitigations in Safari to help defend against Spectre.”

Google

Also, an in-depth post from Google on the company’s security blog mentions a novel mitigation technique the company developed to ward off “branch target injection” attacks. The technique, called Retpoline, has been shared with Google’s industry partners.

Early results in mitigating these flaws seem to be promising, but it’s too soon to tell how things may turn out in the long term.

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like Wirecutter.com and iLounge.com along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Leave a Comment

Trending News

Follow Us

Reviews