Bad news for anyone who uses an electronic device manufactured this century (or any other time): the device probably has a major security flaw that could be exploited to steal all kinds of personal information. Happy New Year.
Cyber security researchers revealed Thursday that pretty much all processors contain two huge flaws called “Meltdown” and “Spectre” (they really nailed the sinister naming). The flaw was discovered last year and taken to major tech companies like Google and Microsoft before it was revealed to the public.
According to the researchers who discovered them, these flaws, if exploited, could allow someone access to any personal data on your computer including photos, passwords kept in a password keeper, messages and business documents. They also say that you likely wouldn’t be able to tell if your information had been stolen and your anti-virus software probably can’t do anything to help you. Cool. On the plus side, there haven’t been any reports yet of people exploiting the flaws.
So what do we do? Tech companies are trying to rush out major updates to their operating systems and cloud services to fix the problem. So DO YOUR UPDATES. If you have an Intel processor, you are almost certainly affected by Meltdown. According to a Thursday statement, they are rapidly putting out updates for their processors and have covered almost everything manufactured in the past five years.
Spectre effects nearly everything else. Apple says that exploiting the flaws would require downloading a malicious app, so be careful that anything you download is from a known source. They also want you to do your updates. Same goes for Microsoft. And Google. And Amazon. Basically, update your phone, laptop, desktop computer, tablet, Apple Watch and all your apps (yes, apps too). There are also software patches provided by the groups who discovered the flaws that you can apply to your devices.
If you’re interested in how exactly these updates are going to change software to close the gaps, here is a (very, very) in-depth explanation of what each tech company has said they’re doing.
Good luck out there, everybody.