Apple says all iOS devices, Macs affected by processor flaws


Those major chip security flaws, detailed Wednesday, impact all Macs and iOS devices. But Apple said downloading its latest software updates fixes one of the vulnerabilities.

Apple on Thursday said all of its computers, iPhones and iPads are affected by the two newly discovered flaws. Its Apple Watch is not impacted by one of the two, dubbed Meltdown. Its Apple TVs also are affected.

Apple didn't immediately give additional information about which Apple TV models are impacted.

Apple said, though, that "there are no known exploits impacting customers at this time," and for a hacker to exploit the flaws, there would also have to be a malicious app loaded on a Mac or iOS device. Apple recommended to only download software from trusted locations like its App Store to avoid software with malware.

Apple said iOS 11.2, MacOS 10.13.2 and tvOS 11.2 already defend against the Meltdown flaw. It plans to release fixes for its Safari browser over the coming days to help defend against the Spectre flaw.

"We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, MacOS, tvOS and watchOS," Apple said on a support page.

Tuesday, news broke that a newly discovered exploit in most modern processorscould make your computer or phone vulnerable to attacks. Then Wednesday, Intel, Arm and others acknowledged their processors are affected by the flaws, known by the names Spectre and Meltdown.

Intel supplies chips for most of the world's computers, including Apple's Macs. And Arm's architecture is built into nearly every mobile processor, including chips designed by Apple for the iPhone and iPad.

Several researchers, including a member of Google's Project Zero team, found that a design technique used in chips from Intel, Arm and others could allow hackers to access private data from the memory on your device that it shouldn't be able to see. The problem impacts processors going back more than two decades and could let hackers access passwords, encryption keys or sensitive information open in applications.

The flaws aren't unique to one particular chipmaker or device. Instead, they impact everything from phones to PCs and servers. The computing industry is scrambling to lessen the severity of the problem with updates to operating systems, web browsers, cloud-computing services and other foundations that need to be kept secure.

Intel on Thursday said that by the end of next week, it expects to have issued updates for more than 90 percent of its processors introduced within the past five years. The updates make computers "immune from both exploits," Intel said.




RELATED ARTICLES