Photo: Rachel d’oro Associated Press
“All Mac systems and devices [mobile] iOS are affected but there are no known attacks at present,” said Apple.
Amazon, Google and now Apple… So that the list of the giants of the digital affected by two security vulnerabilities major, “Spectrum” and ” Meltdown “, is growing all the time, the race is on to limit the case.
“All Mac systems and devices [mobile] iOS are affected but there are no known attacks at the present time “, wrote the firm at the apple, whose devices are generally renowned for their security, on Thursday night on his blog official.
“Spectrum” and “Meltdown” which include almost all of the microprocessors manufactured over the last ten years by the companies Intel, AMD and ARM. No computer, smartphone or tablet could not function without these miniaturized components, kind of nervous centres that are running computer programs.
This distinguishes these two faults, security alerts more conventional, which generally applies to software (software), and not of the component parts of the devices (hardware).
“Spectrum” and “Meltdown” can in theory enable access to the kernel (kernel) of a computer operating system, ” thus exposing the critical information that would be stored “, for example, passwords, explains in a note published Thursday, Chris Morales, chief of security analysis for the enterprise of cyber-security u.s. Vectra Networks.
Luke Wagner, a software engineer for Mozilla, explains on blog the security of this foundation that the rift would enable ” from a content Internet to come and read the private information “.
Problem of great magnitude
Almost all of the electronic devices and computer manufactured in recent years in the world is equipped with chips that may be vulnerable.
The biggest names in the digital sector, such as Amazon, Google, Microsoft, or the Mozilla foundation has been launched in a race against the clock to limit the breaks, announcing the implementation of software patches.
The american giant Intel microprocessors, the same as its competitors AMD, or ARM, has also started to disseminate security updates.
In a statement released Thursday, Intel said that it would be by the end of next week ” broadcast updates to more than 90 % of its processors released in the last five years “.
To avoid any possibility of piracy, Apple on its side ” is advised to not download apps from safe sites, like the App Store “. The group states have also released patches to limit the possible impact of the fault “Meltdown” and announces other soon.
According to some experts, only the replacement of the microprocessor would protect sustainable, a perspective that has major implications for the entire sector.
This being the case, they explain also, piracy of these processors requires a technical level very high, limiting according to them the risk.
No attacks listed
The u.s. agency in charge of cyber security (CERT) has indicated “do not know” so far to hacking attempts using “Spectrum” and ” Meltdown “.
The German authority in charge of information technology security (BSI) has not been found to this day of” active exploitation “of the security issue, but nevertheless recommended to the stakeholders in the sector to protect itself” as quickly as possible “, in a press release.
The alert security was doubled on Friday that raised questions about stock sales by the boss of Intel.
According to the magazine specialized Digital Solutions, Intel has warned since the end of November of the existence of a flaw in its microprocessors. Gold in the fourth quarter of 2017, the p.-d. g. of the group, Brian Krzanich, has sold nearly 900,000 shares for Intel, lowering of half its stake in the capital of the group, according to the economic development agency Bloomberg.
The sale “has no connection” with the case of security vulnerabilities, and assured to Bloomberg, a spokesperson for the company, ensuring that Mr. Krzanich had exercised options, according to a calendar established in advance, and automated.
The action Intel has still lost nearly 2 % on Thursday, finishing at 44,43 $, after having already closed down from 3.40% the previous day.