Get ready to update many of your devices, but the problem won’t go away with a few clicks.
While everyone else had eyes on the “bomb cyclone” descending on the East Coast this week, computer security researchers and tech workers were wincing over something else: massive security flaws discovered that potentially affect the vast majority of personal computers and smartphones ever built.
Two security flaws, dubbed Meltdown and Spectre by researchers, allow processor exploits to steal passwords and other sensitive user data from almost any device made in the past 20 years, according to the New York Times.
Security researchers, including Jann Horn at Google and academics at Graz University of Technology, discovered the flaws. They had already disclosed the flaws last year to the big tech companies like Microsoft and Apple, and had planned to reveal them publicly in coming days.
The processor maker Intel was also informed of the potential exploits, and it may be worth noting that the company’s CEO, Brian Krzanich, sold $24 million in company stock and options in late November, according to Business Insider.
Now software companies are scrambling to push out updates. Google and Microsoft said by Wednesday evening that they had updated their systems to fix the Meltdown flaw, according to the Times. Some consumer fixes, including for the Windows operating system, have rolled out, but others are still in development.
There is no evidence yet that hackers have taken advantage of the security flaws. But once flaws are made public, the attention makes your devices ready targets, allowing skilled hackers easy access to your passwords, online bank accounts, and email.
Exploits are unfortunately common these days, as security researchers engage in an arms race with hackers and even nations to build walls around our increasingly connected world of devices.
Meltdown and Spectre are Read More Here