Security researchers at Google’s Project Zero have discovered serious security flaws in processors designed by Intel, AMD and ARM.
The flaws, called Meltdown and Spectre, can allow hackers to steal sensitive data and can affect virtually every modern computer, including smartphones.
Daniel Gruss, one of the researchers who discovered the flaw, said they are “probably one of the worst CPU bugs ever found”.
Intel (NASDAQ: INTC) said in a statement: “Intel has begun providing software and firmware updates to mitigate these exploits. Any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”
The flaws, revealed this week, have resulted in Intel being hit by at least three class-action lawsuits by plaintiffs in California, Oregon and Indiana.
Intel said in a statement it “can confirm it is aware of the class actions but as these proceedings are ongoing, it would be inappropriate to comment”.
Apple (NASDAQ: AAPL) has advised in a blog post for users to update their devices’ operating systems.
“All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time,” Apple added.
“Our current testing indicates that the upcoming Safari mitigations will have no measurable impact on the Speedometer and ARES-6 tests and an impact of less than 2.5 percent on the JetStream benchmark.”
Security researchers are unaware if hackers have already exploited Meltdown or Spectre. They have said hacks will be hard to identify due to the lack of trace in log files.
“Exploits for these bugs will be added to hackers’ standard toolkits,” said chief executive of cybersecurity consulting firm Trail of Bits, Dan Guido.
The flaws were first reported in June but were only this week as developers attempted to create solutions to the flaws and prevent exploitation of hackers.