Tech scandals appear to be in fashion in the first days of 2018. For days, Apple’s iPhone slowdown issue was the most talked about blunder in the tech world, but that’s about to change. There’s a severe security flaw that affects most of the Intel-powered computers in use, regardless of operating system. Intel has confirmed the issue and downplayed it in a statement released a few hours after the problem was unveiled. The company also said that Intel chips aren’t the only ones affected, as ARM and AMD processors also have similar issues.
The newly publicized vulnerabilities would allow hackers to steal critical data such as credit card details and passwords from the computer without the user’s knowledge. Fixing the issue will result in a drop in overall performance, which can go anywhere from 5% to 30% according to unofficial estimates. The bad news is that there’s nothing you can do to fix the issue yourself other than wait for software updates.
What are the flaws?
The issues are so severe that everyone involved in fixing them had to sign non-disclosure agreements. According to the BBC, the tech industry has known about the issue for at least six months. The plan was to keep things under wraps until the flaws had been fixed.
Two separate security flaws affect computers of all kinds and sizes — that means smartphones, tablets, laptops, desktops, and servers, regardless of operating systems.
Meltdown is the name given to the vulnerability that affects laptops, desktops, and servers powered by Intel chips. Spectre is the other security issue you should know about, and it affects all Intel, ARM, and AMD computers, including smartphones and tablets.
How do you fix it?
There’s nothing you can do to fix the issues other than disconnecting all your devices from the internet. Assuming hackers and nation states are already developing tools to take advantage of this formidable problem, which can be used as a sort of backdoor to spy on users, your best bet would be locking yourself out of the internet. That sounds silly, but that’s the only thing you can really do right now.
The other thing you can do is wait. While you do that, monitor your most sensitive online accounts for unauthorized access and strange behavior. If anybody takes advantage of these flaws before they’re fully patched and steals any of your sensitive data, you won’t know it happened unless you track your online accounts for suspicious behavior.
Microsoft, Apple, and Linux are all going to release updates for Intel-powered computers to mitigate the issue. Once that’s done, update your devices as soon as possible.
The Meltdown issue will be the first one to be patched.
Google said that Android running the most recent security updates are protected, as are Gmail users. Chromebook users will get an update soon, while the Chrome browser is set to receive a patch on January 23rd.
Are iPhones and iPads affected? That’s not clear at this time. But if they are, Apple will issue iOS updates which you’ll need to install.
Cloud operators including Amazon, Google, and Microsoft, will patch their devices and issue fixes in the future. So if your business depends on these companies, you should know they’re fixing it. Again, there’s probably nothing you can do than wait.
The BBC notes that Spectre is thought to be much harder to patch, and a fix for it isn’t widely available.