What is the flaw?
There are two different bugs that have been discovered in this reveal, known as ‘Meltdown’ and ‘Spectre’ respectively.
‘Meltdown’ is known to potentially affect personal desktop computers, laptops, and servers that use Intel branded chips.
‘Spectre’ is expected to have a wider reach than ‘Meltdown’, potentially affecting smartphones, tablets, laptops, and personal computers with Intel, AMD, and ARM chips.
Both bugs reportedly enable hackers and malicious programs to view and possibly steal information from computers with the affected chipsets. This has huge ramifications for both personal computer users and businesses, as information at risk could include passwords, debit/credit card information, and customer data.
Is my computer security at risk?
Security issues such as ‘Meltdown’ and ‘Spectre’ would usually be kept under wraps until a fix was discovered to avoid drawing attention to vulnerabilities. However, as this information has been revealed, there is the potential that the bugs will be discovered and exploited by hackers.
The ‘Meltdown’ bug is especially threatening, considering an estimated 1.5 billion personal computers are in use across the world, with roughly 90% of these devices using Intel chipsets.
Despite these figures, the National Cyber Security Centre (NCSC) of the UK has tried to quell fears, claiming there is no evidence that the problem has yet been exploited.
What’s being done about the bugs?
Leading operating system software companies including Microsoft will be releasing security patches in the form of OS updates in the coming months to protect their users from this vulnerability.
However, the updates might not cover all previous versions of operating systems, meaning users with old software may still be at risk.
Apple have covered the issue in a blog post on their site, confirming that ‘all Mac systems and iOS devices are affected’, but also going on to say that ‘there are no known exploits impacting customers at this time’. They have already released a security update for the bugs, contained in iOS 11.2 and macOS 10.13.2. These bugs don’t affect smart watches such as the Apple Watch as they don’t use regular computer chips.
Google has also released a statement that reassures users of Android with the most recent security update of their safety. The popular Chrome web browser will also receive an update targeted at these bugs on 23rd January.
Experts in the cyber-security world have highlighted how the existence of these bugs in common chipsets means that manufacturers will have to re-examine their processes in the future.
Edit: Read our latest update on this computer chip bug