We recently ran an article about a vulnerability on Intel chips that allows desktop applications to access more information than they are ought. The level of access desktop applications are getting on Intel-powered devices are too deep, and only allowed to operating system kernel.
As a precaution measure against such level of access, the operating system uses hardware features of the chip to reinforce block on desktop application access too deep into the system. It has since been established that Intel chips are failing in doing so; thus a software security layer needs to be added on top of the hardware security layer.
The biggest problem with the software security layer – which is being issued as a security patch update by Microsoft for and Linux to its various distribution – is that they will slow down your device by at least 30% of its usual speed.
Intel chips also power some Apple devices, and they are also affected by the vulnerability. Apple has also come out to confirm that indeed nearly all its devices are affected by the vulnerability.
In the first public address by Apple on the matter, the company says nearly all Macs and iOS devices are impacted. However, there has been no reported case of customer’s security and privacy being compromised.
The company went further to clarify the much of the exploits rely on desktop application to execute malicious code. Apple urges users to download app only from trusted sources such as their App Store. Apple says it has addressed the vulnerability and issued out software update for MacOS (10.13.2), iOS (11.2), and tvOS (11.2).
The company is also planning to issue an update for Safari browser said: “to help defend against Spectre.” The patch will arrive within the next few days. Microsoft and Google have similarly issued a software security patch to address this big and (very) recent vulnerability affecting Intel-powered devices.