Security researchers have discovered flaws in Intel, AMD and ARM Holdings computing chips that put nearly every modern computing device at risk to hackers.
According to researchers, there are two major bugs that are affecting devices — Meltdown and Spectre. The former flaw — which specifically targets Intel chips — allows hackers to bypass the hardware barrier between applications and a computer’s memory, which can leave any stored passwords exposed.
Spectre, meanwhile, affects chips from all three manufacturers and tricks applications into revealing private information.
Because the issues are at the chip level, devices that run Linux, macOS and Windows are all susceptible. However, researchers say Microsoft and Apple had security patches ready for affected desktop computers.
Intel has also acknowledged the flaw and said it is working on a solution with AMD and ARM Holdings. Incoming patches will need to be downloaded to update the operating systems and fix the issues, although doing so may slow down devices.
Fixes might not come so easily, though, said Daniel Gruss, one of the researchers from Graz University of Technology that discovered the Meltdown bug. Gruss told Reuters that Meltdown is “probably one of the worst CPU bugs ever found.”
Gruss said that Meltdown is the more serious current problem, although the bug’s Intel-specific nature makes it easier to patch with software. Spectre, on the other hand, will be harder to fix, he says, because it applies to nearly all computing devices. However, Gruss said Spectre is harder for hackers to take advantage of.