By now you might have heard about the trending Meltdown flaw, a kernel bug in Intel’s processors which brings in major security issues. And in case you haven’t, make sure you give it a read here first.
Along with Meltdown there is also a “branch target injection” bug called Spectre that affects mobile ARM processors that are present in all iOS and most Android devices.
It was Google’s Project Zero team that revealed the Spectre bug as they investigated further into CPU security and they have already rectified the issue with their Pixel phones, Nexus 6P and 5X, and the Pixel C tablet as an OTA security patch.
Now you might be wondering, what about your non-Google phone? Well for starters, some newer flagship phones (S8 and Note 8) have already been updated, and other OEMs including Apple, even though they have been silent on the issue, should be rolling out updates soon.
However, there are many older phones that would still be vulnerable and a hacker could extract personal info from an otherwise safe app on your phone. But there is not much to worry about since the attacker would need access to your unlocked phone as Spectre can’t be triggered remotely. Even Google claims “Exploitation has been shown to be difficult and limited on the majority of Android devices”. Note: Google Home and WiFi are unaffected by the Spectre bug.