KUCHING, Jan 9: Computer users, be it using PC or Mac, and even Android and iOS smartphones users, are urged to update their operating systems and firmwares to the most current patch as their devices have been discovered to contain major security flaws that may trigger attacks known as Meltdown and Spectre.
The flaws were discovered by a group of researchers from the Graz’s University of Technology in Austria in December 2017 and was only acknowledged by tech giants such as Intel, Microsoft and Apple earlier this month.
These tech giants have scrambled to patch the security flaws affecting their operating systems and products and released the fixes recently.
Computers and devices affected by Meltdown and Spectre are those using Intel, AMD and ARM (for smartphones) processors. While Microsoft and Linux have released updates and fixes for their customers recently which is still ongoing, Apple is also following suit for their Mac and iOS users.
At present, there has been no reported cyber attacks linked to the flaw.
According to online tech portal www.wired.com, Meltdown and Spectre manipulate the processor’s kernel, enabling hackers access to even the most private information like private files, passwords and cryptographic keys on a targeted machine.
Intel CEO Brian Krzanich in a statement on the company’s website today said that 90 per cent of customers using its processors introduced in the last five years would be receiving updates and fixes within this week, and the remaining would do so by the end of this month.
“We believe the performance impact of these updates is highly workload dependent, though that some workloads may experience a larger impact that others, so we’ll continue working with the industry to minimise the impact on those workloads over time.
“As of now, we have not received any information that these exploits have been used to obtain customer data. We are working tirelessly on these issues to ensure it stays that way,” he said.
Meanwhile, Apple last week released a statement: “There are no known exploits impacting customers at this time.
“Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store,” it said.
AMD also released updates and fix patches recently.
In a statement from its website, it said: “As the security landscape continues to evolve, a collaborative effort of information sharing in the industry represents the strongest defense.
“Total protection from all possible attacks remains an elusive goal and this latest example shows how effective industry collaboration can be.
“As always, AMD strongly encourages its customers to consistently undertake safe computing practices, examples of which include: not clicking on unrecognised hyperlinks, following strong password protocols, using secure networks, and accepting regular software updates,” it said. — DayakDaily