Apple has acknowledged a flaw that could lead hackers to hit all iPhone and Mac devices.
The “Meltdown” and “Spectre” flaws were found in Intel chips earlier this week and could allow hackers to steal passwords other personal data, and is a problem for virtually all Apple customers, the company said on Thursday.
“All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time,” the company said in a statement. “Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store.”
On the bright side, the tech giant has “already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown,” and a patch for Safari is on its way. And if you use Apple Watch, there’s no reason to panic — “Meltdown” has zero impact on your device.
The reason Apple uses the “mitigate” rather than “fix” was explained by Devin Coldewey at TechCrunch. “It’s because Meltdown and Spectre take advantage of computing practices so basic that avoiding them is extremely difficult and complex,” wrote Coldewey. “And new variants of attacks may very well circumvent the protections companies have put together during the last few months during which the exploits were kept secret. The mitigations and patches will probably multiply.”
The issue with Intel’s flaw is it weakens the barrier between your device and the programs it installs, allowing nefarious actors to spy on unsuspecting users. Apple said its updates will slow down browsers by “less than 2.5 percent,” and show no material impact on performance.