Apple iOS 11.2.2 update to fix Spectre vulnerability in modern CPUs

The latest iOS patch from Apple addresses the Intel chip flaw that affects every single device. Apple has released iOS 11.2.2, which closes the Spectre vulnerability caused by faulty chip design.

Apple has released update 11.2.2 for iOS, which addresses holes in Safari and WebKit that allow Spectre to affect iPhones, iPods, and iPads.

Spectre and Meltdown are the names for the two vulnerabilities that take advantage of the recently revealed design flaws in Intel/AMD/ARM chips that allow malicious software to read kernel memory and other mapped physical memory.

While there are no known flaws exploiting the Intel/AMD/ARM chip weaknesses on iOS, Apple’s patching of Safari and WebKit is a precaution designed to eliminate future threats. Apple recommends all iOS users update their devices immediately.

Spectre is the half of the Intel exploit that makes data stored in kernel memory available for reading by other processes. It’s the slower of the two exploits, and is less likely to be used, though if it was it could be just as devastating as Meltdown.

While Meltdown requires an app installed locally on the affected device, Spectre can read kernel memory via JavaScript running on the web, which is what this iOS patch protects against.

Leave a Reply