Security Alert: Meltdown/Spectre/KPTI

What It Is: The media is calling it variously Meltdown, Spectre, or the KPTI Flaw, which stands for Kernel Page Table Isolation. They all take advantage of a flaw in many processors from various companies manufactured since 1995, and affect a variety of computers and smartphones, including Apple's.

How It Works: The flaw can allows hackers to access portions of computer memory that they shouldn't be able to access. One example would be the ability for malicious software to view passwords from password managers if they happen to be open on the device.

Threat Severity: Fairly Low. This is an instance where the severity itself is high, but the risk is low. In order for your Mac to be affected, you would have had to install a piece of software that takes advantage of this bug, and so far security researchers aren't aware of any malicious software "in the wild" that does so. Cloud systems generally aren't affected, as most of those systems store your data encrypted and never load the unencrypted data into memory (the unencryption happens on your end, not in the cloud).

What You Need To Do: You should do the same things you (hopefully) always do:

  1. Don't install software from questionable sources. Anything from the App Store is generally safe, as Apple has strict requirements on what those apps can and can't do. If you need to get your software from somewhere else, always try and get it from the developer's website directly, not from a third-party. For example, if you need Adobe Flash, do a Google search for it and only go to links that show they are on Do not download software from places such as or

  2. Install Apple's Security Updates as soon as they become available. For critical updates (such as the recent "root flaw"), Apple will install these without you having to do anything. For the rest, go to the App Store and click Updates to see what updates are available.

#security #alert #password

Featured Posts
Recent Posts
Search By Tags