Apple Faces Meltdown & Spectre Class Action Lawsuit

Apple is facing a class action lawsuit in the US over the industry-wide chip vulnerabilities known as ‘Meltdown’ and ‘Spectre’.

Essentially, the vulnerabilities affect the kernel of the chips and could allow an attacker to read information that should otherwise be inaccessible. This means an attacker could obtain passwords, encryption keys or steal information from other applications.

Chips made by Intel, AMD and ARM manufacturers are all affected, meaning all manner of devices are implicated.

Meltdown & Spectre Apple

This includes iPhones, iPads and Apple TV devices powered by Apple’s processor technology, which is built on ARM’s designs.

Apple confirmed iOS, tvOS and macOS were all vulnerable and has released mitigations. It is worth noting that the Mac and the Intel chips used to power the computers are not directly addressed in this lawsuit, although Intel itself is facing legal action.

Lawyers allege that Apple has known about the bugs in June and that fixes released for Meltdown so far have impacted performance. Furthermore it is claimed that Spectre has still not been sufficiently patched and there is no indication what effect that could have on the devices in question.

Had customers known this information, it is argued, they would not have bought the products in question and certainly not for the prices they had paid for them.

Loading ...

“In short, Defendant has not been able to offer an effective repair to its customers. A patch that cuts processor performance is not a legitimate solution, nor is any patch that does not fully eliminate the Security Vulnerabilities that can be exploited by the Meltdown or Spectre techniques,” reads the filing made to the US District Court for the Northern District of California in San Jose.

Silicon has contacted Apple for comment, but earlier this month it said it had no information on the vulnerabilities being exploited in the wild.

Microsoft has already issued an emergency patch for Windows 10, while Google has urged Android users to upgrade to the latest security update.

Public cloud providers, including Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure have also issued guidance to customers in what is arguably an unprecedented incident for the technology industry.

Quiz: What do you know about ARM Holdings?

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 hours ago

Former Policy Boss At X Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

5 hours ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

7 hours ago

FTX Co-Founder Gary Wang Spared Prison

Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…

8 hours ago