MPR News Chief Meteorologist Paul Huttner signs off

MPR News helps you turn down the noise and build shared understanding. Turn up your support for this public resource and keep trusted journalism accessible to all. 

Turn Up Your Support


If you thought your MacBook or iPhone would be immune to the Meltdown and Spectre microprocessor flaws 

The problems found in the chips could allow hackers to get access to passwords and other sensitive data stored on personal computers. 

, released by Apple on Thursday, the company announced, "All Mac systems and iOS devices are affected."


The good news is that "there are no known exploits impacting customers at this time" and that a change could come soon, according to Apple. The company says it has "already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown. In the coming days we plan to release mitigations in Safari to help defend against Spectre."

: "If you're wondering why people keep saying, 'mitigate' instead of 'fix' or 'counteract' or something, it's because Meltdown and Spectre take advantage of computing practices so basic that avoiding them is extremely difficult and complex. And new variants of attacks may very well circumvent the protections companies have put together during the last few months during which the exploits were kept secret. The mitigations and patches will probably multiply."


We wrote earlier that security researchers at Google and elsewhere discovered vulnerabilities in chips made by Intel, AMD, ARM Holdings and other companies. Intel said it was working to "develop an industry-wide approach to resolve [the] issue promptly."

, "When you install a program on your computer, there's generally a wall between it and other programs. But the security flaws, which were built into the chips from Intel, Advanced Micro Devices and ARM, allow one program to spy on another."


Moritz Lipp of Austria's Graz University of Technology is one of the researchers who found the flaw. He tells Sydell that the problem is found on millions of computers, as well as on smartphones and in cloud storage provided by companies such as Google, Amazon Web Services, Apple and Microsoft. While a software patch might mitigate the problem, it is really a hardware issue.


"If you have an issue in hardware, it's not very easy to just change the hardware because you already sold millions of CPUs. And you just can't call them back and change them," Lipp says.  Copyright 2019 NPR. To see more, visit https://www.npr.org.

Science

Apple announced that most of its products might be open to attacks that could mine passwords and other sensitive data. But the company said it was already working on patches to mitigate the flaw.

Apple: Mac and iOS vulnerable to Meltdown and Spectre flaws

Go Deeper.

Like this?

News you can use in your inbox