Apple fixes the Meltdown and Spectre flaws in Macs, iPhones, and iPads  - apple meltdown spectre - Apple fixes the Meltdown and Spectre flaws in Macs, iPhones, and iPads

2018 kicked off with a bang -wise due to the announcement of the serious Meltdown and Spectre flaws found in processors widely used by a wide range of computing and smartphones.

The story quickly developed from being a design flaw in Intel CPUs, that could allow malicious code to access information supposedly held in “protected” areas of your computer’s memory, to being also an issue for ARM and AMD chips.

To Apple’s credit they had already started to tackle the problems before the security issues were made public. MacOS 10.13.2, released last month, mitigated against the effects of (which only affects only Intel processors), and iOS 11.2 tackled Spectre for iPad and iPhone .

But the newly released macOS High Sierra 10.13.2 and iOS 11.2.2 updates take things an important step further – closing the door on the possibility of the Spectre vulnerability being exploited via a Javascript attack via the Safari browser.

Ios 11 2 2  - ios 11 2 2 - Apple fixes the Meltdown and Spectre flaws in Macs, iPhones, and iPads

It really is important to keep browsers patched – as they are an obvious route through which an attacker could successfully execute code on your computer. That’s one of the reasons why I am also a strong advocate of users never venturing out onto the web without the added protection of an ad blocker.

It’s your computer, it’s your sensitive information, your passwords. Opening yourself up to some of the wildness that can lurk on websites and – in particular – poisoned ads, and allowing them to run code willy-nilly is a very dangerous game to play.

Even if Meltdown and Spectre have not been actively exploited as far as we know in malicious attacks, it still makes sense to protect against the problems as well as we can.

So, iPhone and iPad users can a little more easily today (provided they’ve applied the update, of course!).

Which leaves me wondering about those hundreds of millions of users, many of whom have been neglected for years without seeing hide nor hair of a security update.

My guess is that the latest and most expensive Android devices from leading vendors will receive an update in due course, but many others will be left in the lurch.

- aa9ea0686c5d1aa9086d4b12c3aa05f2 s 80 d mm r g - Apple fixes the Meltdown and Spectre flaws in Macs, iPhones, and iPads

About the author, Graham Cluley

Graham Cluley is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon’s Anti-Virus Toolkit for Windows. Now an independent security analyst, he regularly makes media appearances and gives presentations on the topic of computer security and online privacy.

Follow him on Twitter at @gcluley, Google Plus, Facebook, or drop him an email.

Follow @gcluley

Source link


Please enter your comment!
Please enter your name here