Apple to grant fix for iPhones & Macs at risk from chip flaw
SAN FRANCISCO (Reuters): Apple Inc will release a patch for the Safari web browser on its iPhones, iPads and Macs within days, it said on Thursday, after major chipmakers disclosed flaws that leave nearly every modern computing device vulnerable to hackers.
Browser makers Google, Microsoft Corp and Mozilla Corp’s Firefox all confirmed to Reuters that the patches they currently have in place do not protect iOS users.
Apple stressed that there were no known instances of hackers taking advantage of the flaw to date.
In a statement on its website, Apple said all Mac and iOS devices were affected by both Meltdown and Spectre. But the most recent operating system updates for Mac computers, Apple TVs, iPhones and iPads protect users against the Meltdown attack and do not slow down the devices, it added, and Meltdown does not affect the Apple Watch.
Macs and iOS devices are vulnerable to Spectre attacks through code that can run in web browsers. Apple said it would issue a patch to its Safari web browser for those devices “in the coming days.”
Shortly after the researchers disclosed the chip flaws on Wednesday, Google and Microsoft released statements telling users which of their products were affected. Google said its users of Android phones – more than 80 percent of the global market – were protected if they had the latest security updates.
Apple remained silent for more than a day about the fate of the hundreds of millions of users of its iPhones and iPads. Ben Johnson, co-founder and chief strategist for cyber security firm Carbon Black, said the delay in updating customers about whether Apple’s devices are at risk could affect Apple’s drive to get more business customers to adopt its hardware.
Johnson said, “Something this severe gets the attention of all the employees and executives at a company, and when they go asking the IT and security people about it and security doesn’t have an answer for iPhones and iPads, it just doesn’t give a whole lot of confidence.”