Apple has issued their first public statement regarding the design flaw present in nearly all computers and mobile devices.

The comment comes in the form of a support document giving details in which devices are affected, what the vulnerabilities are, what they’ve done so far, and how you can protect yourself.

Apple has clarified that all iOS and macOS devices are affected (including Apple TV). Apple Watch is not effected by Meltdown.

While that is a significant number of devices to be vulnerable, Apple says users should not worry. Currently, there are no known exploits, and they are very difficult to take advantage of.

They say that the issues can only be exploited when a malicious app is installed on your machine. To help protect yourself, Apple says to be sure to only download apps and software from trusted sources, (such as the App Store).

They’ve also confirmed recent patches that came out in iOS 11.2, macOS 10.13.2, and tvOS 11.2. These patches were aimed to address the Meltdown vulnerability and a new update for Safari will be out in the next couple days to address Spectre.

We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS.

Apple also attempted to quell fears of performance hits that were expected after the patch. They say they’ve run tests after the patch and saw no detrimental performance.

Between the two vulnerabilities, Apple says Meltdown “has the the most potential to be exploited,” while Spectre is “extremely difficult” to exploit.

Spectre

Analysis of these techniques revealed that while they are extremely difficult to exploit, even by an app running locally on a Mac or iOS device, they can be potentially exploited in JavaScript running in a web browser. Apple will release an update for Safari on macOS and iOS in the coming days to mitigate these exploit techniques.

If you would like to learn more about the exploits, or Apple’s response, you can read the full support document on Apple’s website.

  • Jerry

    Everytime there’s a jailbreak near there’s some new virus that they patch

    • h4nd0fg0d

      Nothing to do with jb. Those is a worldwide issue, mate.

      • besrate hogsa

        Those is?

      • Viv

        Ever heard of typo? Why come hard when you don’t have anything else to contribute?

        When a jailbreak is about to be released, we come across issues like these. You are left in a lurch whether to prefer jailbreak or security.

      • besrate hogsa

        A typo is when you misspell a word
        When you use the wrong verb that is not a typo
        Get it?
        Shame on you

      • Viv

        Get a life mate. That’s all I can say.

      • besrate hogsa

        I do have a life
        You are the one who is wasting it
        Check your grammar before posting your comment
        MATE?

      • Viv

        If you had a life, you wouldn’t start commenting on others messages especially when they are trying to be helpful.

        You are right in a way. I wasted my time replying to a moron.

        You please carry on with your trolling.

      • besrate hogsa

        Stop it
        It is not worth it anymore
        Ass-wipe

      • :D

        He’s complaining that jailbreakers never get the security fixes

  • David Gow

    So we should update and forgo the jaulbreak?

    • Iskren Donev

      I wouldn’t be surprised if a jailbreak developer releases their own fix for these vulnerabilities. Moreover, as the article said, if you are not downloading shady apps there shouldn’t be much to worry about.

      • David Gow

        Just from the App Store. Cheers
        Or on Cydia and I have tons of paid tweaks there I’m not able to use

      • Iskren Donev

        You shouldn’t have issues if you install paid/free tweaks from reputable repos. If you feel extra paranoid you can wait before installing free tweaks from unknown developers and see if someone complains online.

      • Chris Angel

        But a well hidden exploit in a very normal looking app would be hard to spot.