SecureMac, Inc.

Computer security news. Just for Macs.

Get the latest computer security news for Macs and be the first to be informed about critical updates. Industry news, security events and all you need right at your fingertips. Malware threats change daily, so keep up to date on the latest developments to help ensure your privacy and protection. You can never be too safe.

Apple Confirms Fixes for Major CPU Vulnerability, More on the Way

Posted on January 8, 2018

Apple has confirmed that a pair of critical security vulnerabilities uncovered by security researchers late in 2017, and now filtering out into media reports, does affect “all Mac systems and iOS devices.” These bugs, dubbed Meltdown and Spectre, affect the clear majority of computers and a vast number of mobile devices, regardless of make, model, or manufacturer. Though tricky to exploit, these bugs could allow an attacker untraceable access to a wide variety of user data.

By exploiting a weakness in an advanced function within the processor, Meltdown allows attackers to fool the CPU into exposing the contents of kernel memory. Typically, this information is held under digital lock and key, completely hidden from prying eyes. Spectre is a sophisticated method for defeating sandboxing efforts and accessing information flowing from other apps. So far, no known attacks with these methods have occurred.

Because the researchers who uncovered these flaws reported their findings privately, fixes have already been implemented for Meltdown on Apple devices. Secured versions include iOS 11.2 and macOS 10.13.2. Apple says fixes for Spectre are forthcoming as they continue to work towards a permanent solution.

You can find additional details at MacRumors.

Join our mailing list for the latest security news and deals