It was already widely suspected that almost every single Intel, AMD and ARM device released within the past few years could be exploited by devastating CPU vulnerabilities, and Apple has now confirmed that its devices are also at risk.
In a January 4th, 2018 statement, the Cupertino computing giant confirmed that all Mac and iOS devices are affected by the Meltdown and Spectre CPU security risks, “but there are no known exploits impacting customers at this time.”
While the Apple Watch’s instruction set architecture is ARM-based, its S-series chips are manufactured by Apple. As a result, Apple’s smartwatch is not affected by Meltdown.
Apple plans on releasing an update to protect Safari against Spectre “in the coming days.”
Additionally, the company said it has released updates to patch iOS 11.2, macOS 10.13.2 and tvOS 11.2 to protect against Meltdown.
The Meltdown and Spectre vulnerabilities were officially revealed a few days ago, and are issues that take advantage of a CPU feature known as ‘speculative execution.’
Speculative execution allows modern CPUs to perform multiple tasks at once by operating on those tasks in different orders than they were inputted. It effectively means that the CPU can act by predicting which path of actions to take before those actions are taken.
The Meltdown and Spectre exploits take advantage of speculative execution by accessing ‘privileged’ memory from a less-privileged source.
In its statement, Apple said that Meltdown “has the most potential to be exploited.”