Apple Faces Meltdown & Spectre Class Action Lawsuit

Apple is facing a class action lawsuit in the US over the industry-wide chip vulnerabilities known as ‘Meltdown’ and ‘Spectre’.

Essentially, the vulnerabilities affect the kernel of the chips and could allow an attacker to read information that should otherwise be inaccessible. This means an attacker could obtain passwords, encryption keys or steal information from other applications.

Chips made by Intel, AMD and ARM manufacturers are all affected, meaning all manner of devices are implicated.

Meltdown & Spectre Apple

This includes iPhones, iPads and Apple TV devices powered by Apple’s processor technology, which is built on ARM’s designs.

Apple confirmed iOS, tvOS and macOS were all vulnerable and has released mitigations. It is worth noting that the Mac and the Intel chips used to power the computers are not directly addressed in this lawsuit, although Intel itself is facing legal action.

Lawyers allege that Apple has known about the bugs in June and that fixes released for Meltdown so far have impacted performance. Furthermore it is claimed that Spectre has still not been sufficiently patched and there is no indication what effect that could have on the devices in question.

Had customers known this information, it is argued, they would not have bought the products in question and certainly not for the prices they had paid for them.

Loading ...

“In short, Defendant has not been able to offer an effective repair to its customers. A patch that cuts processor performance is not a legitimate solution, nor is any patch that does not fully eliminate the Security Vulnerabilities that can be exploited by the Meltdown or Spectre techniques,” reads the filing made to the US District Court for the Northern District of California in San Jose.

Silicon has contacted Apple for comment, but earlier this month it said it had no information on the vulnerabilities being exploited in the wild.

Microsoft has already issued an emergency patch for Windows 10, while Google has urged Android users to upgrade to the latest security update.

Public cloud providers, including Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure have also issued guidance to customers in what is arguably an unprecedented incident for the technology industry.

Quiz: What do you know about ARM Holdings?

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

NHS Challenged Over Data Contract With Palantir

Contract between NHS and data mining firm Palantir now at centre of lawsuit filed by…

41 mins ago

California Can Enforce Its Own Strict Net Neutrality Law

Open Internet Victory? Ruling from US federal judge rejects attempt by US broadband providers to…

2 hours ago

Australia Passes Amended ‘Media Bargaining Law’

Australia becomes first country in the world where a government arbitrator can set prices tech…

5 hours ago

Facebook Oversight Board Confirms Appeal Over Trump Ban

Unnamed 'user' files appeal with Facebook's Supreme Court (the Oversight Board) against the 'indefinite' ban…

6 hours ago

Facebook To Invest $1 Billion In News Industry

After the very public row with the Australian government, Facebook confirms it is investing $1…

24 hours ago

EU Opens Consultation On Gig Economy Worker Rights

After UK's top court rules Uber drivers are workers, European Commission begins consultation on gig…

1 day ago