Intel chip flaw: What Android, iPhone, Apple Mac and Windows users need to do to stay safe

Millions of computers and smartphones could be vulnerable to hackers

Aatif Sulleyman
Thursday 04 January 2018 13:45
Comments
Intel chip flaw: The problem affecting everything from the smallest phone to the largest web infrastructure

“Serious” flaws that could allow cyber criminals to steal personal information from millions of computers and smartphones have been discovered by security researchers.

The vulnerabilities, which were discovered by Google researchers last year, affect computer chips made by Intel, AMD and ARM, as well as the devices and operating systems running on them.

According to the researchers, almost every computer released over the last 20 years could be vulnerable.

However, there are straightforward steps you can take to protect yourself.

Android and Chromebook users

Google says it has updated its systems and affected products to protect users against the vulnerabilities. It is also working with hardware and software manufacturers across the wider technology industry.

“The issue has been mitigated in many products (or wasn’t a vulnerability in the first place),” the company said.

“In some instances, users and customers may need to take additional steps to ensure they’re using a protected version of a product.”

Google says that Android smartphones and tablets that have the latest security updates are protected from the flaws. To check for available updates, go to Settings, System and System Update.

Unfortunately, a significant portion of Android users are stuck on older, unsupported versions of the operating system, and could therefore remain vulnerable.

“There are always risks to using smartphones and tablets running OS versions that are no longer supported with regular security updates. Researchers are always finding new security vulnerabilities, software bugs or exploits,” Steve Grobman, CTO at McAfee, told The Independent.

“As a rule, McAfee recommends that users transition to newer, fully supported versions of mobile, PC and other computing platforms. This goes far in ensuring that they are receiving the latest protections from the latest cyber threats.”

Google, however, has moved to reassure concerned users by saying: “On the Android platform, exploitation has been shown to be difficult and limited on the majority of Android devices.”

Google Chrome users can protect themselves by following this link and enabling a new feature called Strict Site Isolation.

Chromebook users, meanwhile, are being advised to update to version 63 of Chrome OS.

Current known attacks do not affect Google Home, Chromecast, Google Wifi or OnHub, the company says.

Apple TV, iPhone and Mac users

Apple has revealed that every single iPhone, iPad, Mac and Apple TV is affected by the vulnerabilities, but says “there are no known exploits impacting customers at this time”.

The company has addressed some of the issues with recently released software updates – iOS 11.2, macOS 10.13.2, and tvOS 11.2 – but says that more will be made available to customers in the coming days.

Right now, the best thing you can do is make sure your Apple device is fully up to date.

On iPhone or iPad, do this by going to Settings, General and Software Update.

On macOS, open the App Store app, click Updates in the App Store toolbar, and use the Update buttons to download and instal any that are available.

On Apple TV, go to Settings, System, Software Updates and turn the Automatically Update option on.

Windows users

Microsoft has released an emergency security update for Windows 10, which will automatically be applied to computers, according to the Verge.

The company, however, says it doesn’t believe the vulnerabilities have actually led to any attacks on Windows users.

“We’re aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers,” said Microsoft.

“We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD.

“We have not received any information to indicate that these vulnerabilities had been used to attack our customers.”

Fixes for Windows 7 and Windows 8 machines are also available, but won’t automatically be applied until next Tuesday. You can, however, search for updates manually by going to Settings, searching Windows Update and clicking Check for Updates.

This article has been updated and will continue to be updated with the latest information.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged in