investorschatroom.com

Science

Apple: Mac And iOS Vulnerable To Meltdown And Spectre Flaws

Share
Hardware fixes are by nature much slower and more difficult than software fixes. tcareob72/Thinkstock

Advice from the U.S Computer Emergency Readiness Team's was grim.

So what should Apple users do? He warned that this should protect users for now, but the fact that malicious actors will continue to find ways to exploit the Meltdown and Spectre flaws "make it clear that CPU architecture decisions need to be rethought".

Apple says it as of now discharged "alleviations" in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help safeguard against Meltdown.

Microsoft has also acknowledged the issue and told CNBC (via email), "We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, Arm, and AMD".

Microsoft said it had been aware of the vulnerabilities and had been working on fixes for some time.

Like other big tech companies that are scrambling to deal with the problem, Apple sought also to reassure users.

Apple has issued a statement confirming the design flaw vulnerabilities on ARM-based and Intel CPUs impacts all Macs and iOS devices. The second bug named Spectre meanwhile affects chips made by Intel, ARM and AMD and lets hackers to trick "error-free applications" to shell out sensitive information.

Meltdown could have devastating effect for cloud providers as Google researchers were able to demonstrate reading of host memory from a KVM guest OS.

Six days of Iran protests: 20 dead, 450 arrested
The latest demonstrations came despite President Hassan Rouhani's vow that the nation would deal with "rioters and lawbreakers". Iran's state media reported the 9 deaths overnight Monday, 10 on Sunday, and two on Saturday.

Liverpool Prospect Reveals The Disgusting Racist Abuse He Suffered This Year
I really can't believe that people have these kind of thoughts still in their minds, it's so odd in this world that it happens. He has our full support and we will continue to push for appropriate responses from the relevant authorities.

Vanity Fair Apologises For Video Suggesting Hillary Clinton Takes Up Knitting
In an April 1988 issue of Spy magazine (which Carter co-founded), Trump was famously referred to as a "short-fingered vulgarian". Ms Kosoff, the writer who made the knitting suggestion, reportedly took to her private Twitter account to defend the video.

Spectre and Meltdown are serious vulnerabilities that take advantage of the speculative execution mechanism of a CPU. Data is supposed to be protected and isolated, but researchers discovered that in some cases, the information can be exposed while the processor queues it up.

Apple further explains that for these bugs to really affect one's systems, they need to rely on apps with malicious code. Meltdown appears to be specific to chips made by Intel.

Browser makers Google, Microsoft Corp and Mozilla Corp's Firefox all confirmed to Reuters that the patches they now have in place do not protect iOS users.

Apple remained silent for more than a day about the fate of the hundreds of millions of users of its iPhones and iPads.

These two sophisticated bugs matter especially to enterprises that deal with a lot of network traffic and considerable processing power - things like cloud providers, retailers that process consumer transactions, and medical systems that crunch data.

The Software Engineering Institute, a USA -government funded body that researches cybersecurity problems, initially said the only way to fully remove one of the vulnerabilities is to completely replace the affected processor. But that's not realistically going to happen anytime soon.

Replacing all the affected processors quickly would be impossible: there now are none available to replace the vulnerable ones with the same kind of functionality.

Share