IE 11 is not supported. For an optimal experience visit our site on another browser.

Apple says all Macs, iPhones and iPads affected by Spectre, Meltdown security flaws

Apple said it had released a patch for iOS-operated devices to address the Meltdown security flaw and would issue another “in the coming days” for Spectre.
Image: iPad Air
An Apple employee carries boxes of the new iPad Air at the Apple store in New York City.Spencer Platt / Getty Images file
/ Source: The Associated Press

Apple admitted Friday that all iPhones, iPads and Mac computers worldwide are affected by the Spectre and Meltdown processor security flaws but said no customers so far had been affected.

The California-based company said it had already released a patch for the Safari web browser on its iOS-operated devices to protect against Meltdown and would issue another “in the coming days” to “to help defend against Spectre.”

"Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store," it said in a statement.

Image: iPad Air
An Apple employee carries iPad Air boxes in the Apple store in New York City.Spencer Platt / Getty Images file

The security vulnerabilities apply to all modern computer processors and affect nearly all computers and smartphones, leaving tech companies scrambling to find a fix.

"It's a very big deal and the only thing people can do is wait for patches on systems and apply them," Shuman Ghosemajumder, chief technology officer at Shape Security, told NBC News.

The two hardware bugs can be exploited to allow the memory content of a computer to be leaked. Such a leak could potentially expose stored passwords and other sensitive data, including personal photos, emails and instant messages.

Related: The top 5 worst passwords (and how to choose one that’s secure)

Researchers at Google's Project Zero and academic institutions including the Graz University of Technology in Austria discovered the problem last year and disclosed it Wednesday.

There's no evidence that bad actors have yet exploited the bugs, but companies from Microsoft to Mozilla said they have worked to patch up vulnerabilities to their operating systems.

Intel said in a statement it has already issued updates "for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years."

The flaws were first reported by tech publication The Register. It also reported that the updates to fix the problems could causes Intel chips to operate 5 percent to 30 percent more slowly.