Panic over the security holes named ‘Meltdown’ and ‘Spectre’ that have the potential to affect devices powered by Intel, AMD or AMD processors has been widespread. These chips speed up your device’s performance by assuming what you’ll do next, based on previous usage, to execute the action in advance. The ‘hole’ is that hackers could use this common feature to steal private data such as passwords.
These security issues apply to all modern processors and unfortunately affect nearly all computing devices and operating systems. The good news? Apple, Google, Intel and Microsoft have confirmed that there have been no known cases of either Meltdown or Spectre impacting customers.
“All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time.” – Apple
“We have not received any information to indicate that these vulnerabilities has been used to attack our customers.” – Microsoft
Since learning of the security issues, industry leaders have been working hard to overcome the potential loopholes. For customer protection, information of Meltdown and Spectre was kept under wraps until preventative measures were available to avoid giving hackers a roadmap. So far, Intel has issued updates for nearly 90% of processor products introduced within the past five years, but a timetable for older devices is yet to be confirmed.
How to stay protected – Apple users
Apple has released a software update to help protect users from Spectre and Meltdown. We highly recommend you update your devices as soon as possible. Here’s how…
- On iOS, go to Settings, General then Software Update, then tap Download and Install.
- On MacOS, open the App Store and click Updates in the App Store toolbar, then use the Update buttons to download and install any updates listed.
- On Apple TV, go to Settings, System, then Software Updates. Select Update Software, then select Download and Install. After the update downloads, your Apple TV will restart and prepare the update.
- Apple watch is not affected by the issue.
It is also recommended that any apps are only downloaded from the iOS App store, from trusted sources.
How to stay protected – Android users
On January 5th 2018, Google issued an update to protect Android devices. All Google-branded phones should have automatically downloaded the update so you just need to install it. For other Android devices, head to Settings. Scroll to the bottom of the menu and tap ‘About device‘ > ‘System updates‘ > ‘Check for update‘ > Tap ‘OK‘ if asked to confirm > Wait for your device to check for updates > Tap ‘Download‘ or ‘Yes‘ if an update is available.
The patch for Chrome will be installed on January 23rd and some Chromebooks had a mitigation in its OS 63, released in December. If you do not want to wait, an experimental feature from Google called Site Isolation can help in the meantime. This feature makes it harder for malicious websites to access data from other websites you are looking at. To use this feature on Windows, Mac, Linux, Chrome OS or Android copy and paste chrome://flags/#enable-site-per-process into the URL in Chrome. Click ‘Strict Site Isolation‘ and then press ‘Enable‘. Save your work and then press ‘Relaunch now‘.
Microsoft Windows 10
There is already a patch available for Windows 10 which will automatically be applied, a patch for older operating systems will follow shortly.
Major cloud services aimed at business customers, including Amazon Web Services, Google Cloud Platform and Microsoft Azure have already been patched.
It’s also worth remembering that you’re safe unless hackers can infiltrate your system, so always be wary of unexpected emails or clicking links on pop-up webpages. We recommend you check all your devices for security updates and install them as soon as possible. We understand you may have concerns, if you have any questions or need support updating your software, you can get in touch via firstname.lastname@example.org, call us on 01252 854352 or send us a message on live chat. We are always more than happy to help!