Spectre and Meltdown security flaws  

(image courtesy of XKCD)



All AMD, Intel, and ARM processors (and devices that contain them) produced since around 1995 are affected by these exploits. 

Spectre and Meltdown could allow an attacker to access kernel level memory access, exposing information stored there, such as passwords and other private information. Almost all electronic devices manufactured in recent years may contain vulnerable chips. Amazon, Google, Microsoft, Mozilla, and others are distributing updates and patches to mitigate the issue.

Apple advises only getting apps from App Store which vets programmes for safety, but some security experts believe that the only real solution would be replacing the chip. Some concede that hacking the chips would require a very high level of technical expertise and the risks are limited. The US Computer Emergency Readiness Team (CERT) said that it was “not aware of any active exploitation at this time.”



All versions of firefox have been updated with code to thwart potential attacks using these exploits. Update your firefox to the latest version when you can.