Advertisement

  1. ITV Report

Meltdown and Spectre: Apple confirms all iPhones, iPads and Macs exposed by microchip flaw

  • Video report by ITV News Correspondent Dan Rivers

Apple has confirmed all its devices and computers are affected by two major security flaws threatening the computer industry and stored private data.

The tech giant is scrambling to create new fixes for iPhones, iPads and Mac to ward off the Meltdown and Spectre bugs before hackers exploit them.

"All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time," Apple said in a blog post.

The threat comes in the same week Apple apologised to iPhone owners for slowing down some older handsets to protect the ageing battery.

Meltdown and Spectre: what you need to know

Apple's confirmation means almost the entire computer industry is exposed by the hardware bugs that leave no traces, can't be blocked and are currently undetectable by antivirus.

The flaws, which were discovered by researchers at Google last year but only became public this week, affect computer processors built by Intel and ARM, which accounts for nearly all of the world's computer market.

Security flaws have been found in virtually all Intel processors made in the last decade. Credit: PA

Both exploit vulnerabilities in modern computer processors, giving malicious programs the chance to seek out and steal data that is being processed.

This can include passwords, browser data, emails, photos, message histories and private documents.

How do they do it?

Meltdown essentially breaks - or melts - the gap that prevents applications from accessing the operating system.

That gives a malicious program access to the computer's memory and with it all the key data on the operating system and all the programs.

Spectre exposes the gap between different applications, allowing hackers to target safety checks and access memory data.

It does this through 'speculative execution', hence its coined name, which is far harder to detect.

So how can they be stopped?

Tech experts have had at least a year to work on this, and are continuing to do so.

The flaws were discovered by Google Project Zero and academic researchers in 2017.

Researchers from Google and academic institutions discovered the flaws last year. Credit: PA

The delay in publicising details of the two exploits has given tech companies like Google, Microsoft and Apple time to work on security patches, reinforcing systems.

Patches have been created to target Meltdown for Windows, OS X and Linux and more are being created to halt potential future exploitation through Spectre.

So are iPhones, Macs and Apple TVs protected?

Apple said it had already negated some of the threat of Meltdown for iPhones (iOS 11.2), Macs (macOS 10.13.2), and Apple TVs (tvOS 11.2) and hoped to provide new defences against Spectre "in the coming days".

"Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown," the company said.

"In the coming days we plan to release mitigations in Safari to help defend against Spectre. We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS."

Apple added: "Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store."