Earlier this week, researchers revealed that all CPUs made in the last two decades are vulnerable to two hardware-based exploits dubbed Meltdown and Spectre. Since their discovery, major tech players, including Apple, have been hard at work to patch their systems to prevent the vulnerabilities from being exploited.
Google was in the forefront of this action as its Project Zero group was one of the teams which discovered this vulnerability last year and set in motion the measures that all device manufacturers in the world are using to thwart the threats. Microsoft has also issued an emergency Windows update to counter the vulnerabilities that affect all devices.
In a recent post on its support forums, Apple has also acknowledged the presence of the vulnerabilities in all Mac systems and iOS devices. The company claims that as of now, there are “no known exploits impacting customers”. In order to exploit the vulnerabilities, the attacker needs to install a malicious app on a user’s Mac or iOS device, which is why the company has advised users to install software obtained only from trusted sources and the official store.
Apple has also announced that it has been able to find a fix to patch Meltdown and the update will be released to iOS 11.2, macOS 10.13.2, and tvOS 11.2 devices shortly. The company also claims that the Apple Watch is not affected by Meltdown and therefore doesn’t need a similar patch. As far as Spectre is concerned, Apple plans to release mitigations in its Safari browser in the coming days, to help it defend against the vulnerability.
The company will continue to develop and test other solutions to patch the vulnerabilities within the operating system on all platforms. Once a solution is identified, it will be released with upcoming iOS, macOS, tvOS, and watchOS updates.