Here's what you need to know about the security flaw that could affect almost every computer

Here's what you need to know about the security flaw that could affect almost every computer
PHOTO: Reuters

The computer industry is scrambling on Wednesday to patch a massive security vulnerability that's present in the processors used on almost all the computers in the world.

The vulnerabilities could allow a hacker to steal information stored in the memory of a wide range of computer chips running on personal devices - not just computers and phones, but also the servers in data centres, including those used to run cloud computing services.

The widespread vulnerability could allow a hacker to steal information stored in the memory of the chip itself, including things such as passwords and cached files. It could also pave the way for attackers to weaken other security features.

'Meltdown' and 'Spectre'

One of the vulnerabilities, dubbed Meltdown, is known to affect Intel chips.

Another, Spectre, could affect chips from many vendors, including Intel as well as AMD and Arm.

Although there are no known exploits for the problem yet, the problem is alarming because it could affect so many computers.

Intel and AMD chips power nearly all personal computers and the computers used in data centres, including those that power online services and cloud computing services, while Arm chips power many smartphones.

A site with detailed information about Meltdown and Spectre vulnerabilities says that Google's Jann Horn and third-party researchers discovered them around the same time.

Intel, others respond

Intel CEO Brian Krzanich also told CNBC that Google first alerted it to the vulnerability, and Google has published a detailed rundown of the exploits.

Intel and other companies were scrambling to fix the problem before word got out, the New York Times reports, but news of the vulnerability was reported by The Register on Tuesday, so the companies and researchers rushed to release information about it on Wednesday.

What you should do

Individuals should apply the first available security updates from the companies who make the software on their devices, like Microsoft Windows, or Apple for iOS.

Service providers such as Amazon are working to patch the servers used in their data centres, and some users may experirence down time as they do this.

This article was first published on CNBC

Purchase this article for republication.

BRANDINSIDER

SPONSORED

Your daily good stuff - AsiaOne stories delivered straight to your inbox
By signing up, you agree to our Privacy policy and Terms and Conditions.