Qualcomm is working to fix chip security holes

Qualcomm on Friday said it's working on updates for products that are affected by recently announced chip-level security vulnerabilities.
These vulnerabilities, first disclosed earlier this week by security researchers from Google and other organizations, have already wiped billions in value from Intel, whose chips are among those affected. They have also forced many software and cloud services companies, including Amazon, Apple, IBM and Microsoft, to deploy fixes.

"We are actively incorporating and deploying mitigations against the vulnerabilities for our impacted products, and we continue to work to strengthen them as possible," a spokesperson told CNBC in an email. "We are in the process of deploying these mitigations to our customers and encourage people to update their devices when patches become available."

Researchers have found that one of the vulnerabilities affect processors from AMD, as well as chips that use certain Arm technology. Qualcomm chips do use Arm technology, and so the disclosure from Qualcomm shouldn't be a major surprise.

Still, Qualcomm stock fell about 1 percentage point in after-hours trading on Friday after the company made the disclosure.

The spokesperson didn't identify the affected products, although the upcoming Qualcomm Snapdragon 845 chip is likely included in the bunch. It's expected to contain Arm's Cortex-A75 core, which is affected by the vulnerabilities.

  • Qualcomm didn't specify which chips are affected.
  • Qualcomm uses Arm cores in its chips, and researchers had already said Arm chips were affected by one of the vulnerabilities, nicknamed Spectre
  • The vulnerabilities have wiped billions from Intel's stock price and caused other tech companies to scramble to issue fixes.
CNBC

So we BlackBerry users have only one problem and lucky for us is that meltdown is easier to get our information than spectre. Still both attacks need to be able to put some code on to a user's computer in order to try to exploit either Meltdown or Spectre.So  keep in mind these vulnerabilities can only be exploited via malware running locally on the device.


Reacties