Thursday , 21 June 2018
Home >> E >> Enterprise Applications >> How Apple users can protect themselves against Spectre and Meltdown

How Apple users can protect themselves against Spectre and Meltdown

Apple has confirmed that all Macs, iPhones, iPads and other devices (bar Apple Watch) are vulnerable to the newly revealed Spectre and Meltdown Intel, ARM and AMD processor vulnerabilities.

What’s the problem?

Taking advantage of a vulnerability that has been around for 20 years, Meltdown and Spectre exploit a CPU performance feature called “speculative execution.” Speculative execution exists to improve computer speed by enabling the processor to work on multiple instructions at once, sometimes in non-sequential order.

“To increase performance, the CPU predicts which path of a branch is most likely to be taken and will speculatively continue execution down that path even before the branch is completed. If the prediction was wrong, this speculative execution is rolled back in a way that is intended to be invisible to software,” Apple explains.

Both Meltdown and Spectre take advantage of speculative execution to access privileged memory — including kernel memory — from a less-privileged user process, such as a malicious app running on a device.

In other words, it’s possible to use these exploits to get your data. Though Apple and others in the industry all say this is very challenging and say no known instances of use of these flaws have been seen. Yet. Apple says all its devices are vulnerable to the bugs, though Apple Watch is not susceptible to Meltdown.

close
==[ Click Here 1X ] [ Close ]==