“These issues apply to all modern processors and affect nearly all computing devices and operating systems. All Mac systems and iOS devices are affected but there are no known exploits impacting customers at this time,” Apple said in a blog post late on Thursday.
“Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store,” the company added.
Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against “Meltdown”.
“Apple Watch is not affected by ‘Meltdown’. In the coming days we plan to release mitigations in Safari to help defend against ‘Spectre’,” the iPhone maker added.
“Meltdown” and “Spectre” issues take advantage of a modern CPU performance feature called “speculative execution”.
“Speculative execution” improves speed by operating on multiple instructions at once – possibly in a different order than when they entered the CPU.
“Meltdown” and “Spectre” exploitation techniques abuse “speculative execution” to access privileged memory – including that of the kernel – from a less-privileged user process such as a malicious app running on a device, Apple said.
“We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS and watchOS,” the company said.