Earlier this month, researchers released information revealing a flaw in almost every Intel chip manufactured since 2011 that made it possible to harvest sensitive data, including account tokens, keys and passwords, from the processor.
Microarchitectural data sampling results from a flaw in the physical design of the chip, and in response, software firms have stepped in to provide solutions by preventing their software from being able to launch such attacks on the processor.
If you’ve updated your browsers and operating systems in the last week or so, you’re probably already protected.
Apple has released fixes for every Mac and MacBook released during and since 2011, and has advised that any system running the macOS Mojave 10.14.5 or later is patched.
Their patch prevents the Safari browser, as well as other apps, from being able to be used in such an exploit, but in a few cases, may cause a performance decline. The update will also be applied to the Sierra and High Sierra versions of the OS, while iPhones, iPads and Apple Watches are not affected by the bug.
Google released patches for Android and updated Chrome, and their Google Cloud solutions, but said that Intel-only devices would need to be patched once the device makers had made firmware updates available.
Devices using Chrome OS are protected in the latest version, and permanent solutions would be included in the next version. However, they also stated that users should patch their operating systems as soon as possible by installing updates, and following their manufacturers recommendations.
At the time the news broke, Mozilla released a beta patch for macOS mitigation, (since fully released) and announced no action was recommended for Windows and Linux users.
Microsoft released patches for its operating system and cloud, but said that customers may need to obtain microcode updates for processors directly from device manufacturers if necessary. It has included as many of these as possible in Windows updates,and they are also available from its website.