Apple Faces Meltdown & Spectre Class Action Lawsuit

Apple is facing a class action lawsuit in the US over the industry-wide chip vulnerabilities known as ‘Meltdown’ and ‘Spectre’.

Essentially, the vulnerabilities affect the kernel of the chips and could allow an attacker to read information that should otherwise be inaccessible. This means an attacker could obtain passwords, encryption keys or steal information from other applications.

Chips made by Intel, AMD and ARM manufacturers are all affected, meaning all manner of devices are implicated.

Meltdown & Spectre Apple

This includes iPhones, iPads and Apple TV devices powered by Apple’s processor technology, which is built on ARM’s designs.

Apple confirmed iOS, tvOS and macOS were all vulnerable and has released mitigations. It is worth noting that the Mac and the Intel chips used to power the computers are not directly addressed in this lawsuit, although Intel itself is facing legal action.

Lawyers allege that Apple has known about the bugs in June and that fixes released for Meltdown so far have impacted performance. Furthermore it is claimed that Spectre has still not been sufficiently patched and there is no indication what effect that could have on the devices in question.

Had customers known this information, it is argued, they would not have bought the products in question and certainly not for the prices they had paid for them.

Loading ...

“In short, Defendant has not been able to offer an effective repair to its customers. A patch that cuts processor performance is not a legitimate solution, nor is any patch that does not fully eliminate the Security Vulnerabilities that can be exploited by the Meltdown or Spectre techniques,” reads the filing made to the US District Court for the Northern District of California in San Jose.

Silicon has contacted Apple for comment, but earlier this month it said it had no information on the vulnerabilities being exploited in the wild.

Microsoft has already issued an emergency patch for Windows 10, while Google has urged Android users to upgrade to the latest security update.

Public cloud providers, including Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure have also issued guidance to customers in what is arguably an unprecedented incident for the technology industry.

Quiz: What do you know about ARM Holdings?

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

BT Eagle-i Seeks To Predict, Prevent Cyberattacks

Proactive security approach. New security platform from BT Security, dubbed 'Eagle-i', seeks to predict and…

2 days ago

Apple Risks South Korean Clash After Investigation Warning

South Korean government official warns of possible investigation into Apple's compliance with new App Store…

2 days ago

Moscow Metro Facial Recognition System For Speedy Payments

Privacy concern. Moscow's Metro system has launched 'Face Pay', a mass facial recognition system for…

3 days ago

US Army Delays $22 Billion Microsoft Augmented Reality Headsets

United States Army pushes back deployment date of Microsoft's augmented reality headsets, but insists it…

3 days ago

TSMC Confirms Chip Plant For Japan

Taiwanese chip giant TSMC confirms it will build a chip factory in Japan, that will…

3 days ago

GitLab Raises $800m In Successful Initial Public Offering

After a successful public debut that raised hundreds of millions of dollars, coding platform GitLab…

3 days ago