As news of a critical vulnerability affecting a majority of modern processors took us by surprise this week, Apple remained largely silent while other companies rushed to provide more details on the nature of these exploits and to patch their products as soon as possible. The company has now issued its official statement on the Meltdown and Spectre vulnerabilities and how they affect its products.
The Cupertino-based giant acknowledged that "all Mac systems and iOS devices are affected" but, at the same time, tried to reassure its users by pointing out that no known exploits based on these vulnerabilities are currently impacting users. It also cautioned users that many of these exploits require a malicious app to be installed on the device in order for them to work, and emphasised the need for obtaining apps from its official app stores.
The Apple Watch is the only device from the company entirely unaffected by Meltdown.
The company also promised a variety of fixes are incoming in order to protect its users. Intel has already started pushing out updates for its processors that it claims make them 'immune' to these new attacks, and Apple has also released some means of mitigating their impact on its macOS-powered devices - which use Intel processors - with the macOS 10.13.2 update.
iOS 11.2 and tvOS 11.2 contain similar protections for users of the company's mobile and smart TV products, respectively. Spectre, which is the exploit that focuses on applications, can also be exploited using JavaScript in a web browser, like Safari. Apple plans to release patches for its browser to further strengthen its defenses in that regard, perhaps similar in nature to Microsoft's recent updates for Internet Explorer and Edge.
Source: Apple
38 Comments - Add comment