On Thursday, Apple said that Mac computers, iPhones, and iPads (but not Apple Watches) are vulnerable to two hard-to-fix security flaws that cybersecurity experts revealed Wednesday. Windows, Google, and other companies that make PCs, smartphones, servers, and tablets had already acknowledged that their own devices have the same issue. The flaws — given the villainous names Spectre and Meltdown — could be used by hackers to exploit the microprocessors, mostly made by Intel, in internet-connected devices to launch a "side-channel analysis attack" to steal files, passwords, photos, and other documents.
Intel, the dominant chipmaker, says the vulnerability has been in every microprocessor it has made since 1995, but apparently nobody realized the risk until a few months ago, when security researchers at Google, Cyberus Technology, Rambus, Data61, and universities in Austria, Australia, Pennsylvania, and Maryland independently hit upon the flaws. No hackers are known to have exploited the vulnerabilities. Both of them, but especially Spectre, are difficult to fix entirely because they're baked into the hardware, but all major tech companies have been rolling out software patches to mitigate the risk.
Shared servers that host cloud services are deemed the most at risk of infection, but security experts say consumers should update their Windows, Google, Apple, and other internet-connected devices to take advantage of the software patches and firmware updates being rushed out. "These will likely be modified as companies craft the best work-arounds, so it's not likely to be a one-time deal — update early and often!" USA Today advises. You can learn more about Spectre and Meltdown and read more about how to update specific devices at USA Today and The New York Times.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
-
New York court tosses Trump's $500M fraud fineSpeed Read A divided appeals court threw out a hefty penalty against President Trump for fraudulently inflating his wealth
-
Trump said to seek government stake in IntelSpeed Read The president and Intel CEO Lip-Bu Tan reportedly discussed the proposal at a recent meeting
-
US to take 15% cut of AI chip sales to ChinaSpeed Read Nvidia and AMD will pay the Trump administration 15% of their revenue from selling artificial intelligence chips to China
-
NFL gets ESPN stake in deal with DisneySpeed Read The deal gives the NFL a 10% stake in Disney's ESPN sports empire and gives ESPN ownership of NFL Network
-
Samsung to make Tesla chips in $16.5B dealSpeed Read Tesla has signed a deal to get its next-generation chips from Samsung
-
FCC greenlights $8B Paramount-Skydance mergerSpeed Read The Federal Communications Commission will allow Paramount to merge with the Hollywood studio Skydance
-
Tesla reports plummeting profitsSpeed Read The company may soon face more problems with the expiration of federal electric vehicle tax credits
-
Dollar faces historic slump as stocks hit new highSpeed Read While stocks have recovered post-Trump tariffs, the dollar has weakened more than 10% this year
