Life

Apple Says ALL Its iPhones, iPads, & Macs Are Affected By This Major Security Flaw

Stephen Lam/Getty Images News/Getty Images

Bad news bears for folks with Apple products, i.e. basically everyone: Apple has announced that Meltdown and Spectre, two major flaws in computer chips that can make it easier for hackers to get their hands on your data, has affected all iPhones, iPads and Macs worldwide. The good news is that, according to Apple, no customers have been affected yet, but, you know, stay tuned.

The two bugs, which were revealed by researchers with Google's Project Zero and research institutions like Austria's Graz University of Technology on January 3, live inside your computer/phone/etc.'s processors, which are essentially your smart tech's brains. The flaws create vulnerabilities that allow hackers to create programs that can steal any data being processed, which include passwords, photos, iMessages, emails, and basically any other otherwise hidden data that exists in running programs. Specifically, Meltdown "breaks the most fundamental isolation between user applications and the operating system," according to researchers; Spectre "breaks the isolation between different applications" and "allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets."

On Thursday, Apple addressed the possibility that its products were affected by the security flaws on its support page. The company released the following statement:

Security researchers have recently uncovered security issues known by two names, Meltdown and Spectre. These issues apply to all modern processors and affect nearly all computing devices and operating systems. All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time. Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store. Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown. In the coming days we plan to release mitigations in Safari to help defend against Spectre. We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.

So, the bad news is, if you have an iPhone, iMac, iPad, or Macbook, you've very likely been affected by Spectre and Meltdown. The good news is, so far Apple thinks your data is safe from hackers, has already worked to protect iOS systems, and, provided no one Mr. Robot's the heck out of the bugs in the next couple of days, there'll be a patch ready to protect anything you've stored in Safari from Spectre. So, if you haven't updated your phone/computer/iPad yet, now is the time to do so.

Apple's not the only company moving fast to mitigate any Meltdown/Spectre-related data breach. In fact, most tech companies, including Microsoft, Mozilla, Intel, and Google, have been creating security patches to protect their products. Google released a statement on Thursday assuring customers that they've already developed a new mitigation, dubbed "Retpoline," that will work to keep data safe. Android phones are also safe, provided they've been updated recently.

Intel, whose processors were initially reportedly uniquely vulnerable to Meltdown and is facing a class-action lawsuit by plaintiffs in California, Oregon and Indiana, also says customers who update their products should be protected against any vulnerabilities.

So that's what the companies are doing — but what can you do to protect yourself from hackers? For the most part, UPDATE. The more recent your system update, the better protected you'll be. For instance, Google's newest version of Chrome, rolling out on January 23, is expected to include a Spectre/Meltdown security patch, so be sure to download that if Chrome is your go-to browser.

Beyond updating, though, the best thing to do is not to panic. For now, it looks like there've been no major security breaches, and with new updates coming out regularly, in the next few weeks you should be patched up.