Apple confirms iOS and macOS are vulnerable to “Meltdown” and “Spectre” exploits
Apple just published a new support document explaining that iOS and macOS could be attacked by the newly discovered (and very dangerous) Meltdown and Spectre exploits. It adds that it knows of no such attacks on Apple devices to date, however.
Apple says it already released “mitigations” in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. In the coming days the company says it will release mitigations in Safari to help defend against Spectre.
The vulnerability is broader than just iOS and macOS. “We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS,” the article states.
Apple says none of the security patches it’s released have caused measurable performance decreases in Apple devices, and it doesn’t expect future patches to do so either.
For its part, Intel said in a statement on Thursday that it “has developed and is rapidly issuing updates for all types of Intel-based computer systems—including personal computers and servers—that render those systems immune from both exploits… reported by Google Project Zero,” whose researchers helped quietly discover the flaws last year.
Cloud services owned by Amazon, Microsoft, and Google itself have also been using Project Zero’s research to create and issue patches for their servers, while many other smaller cloud providers who had not been previously notified about the flaw are now scrambling to patch their machines.