Google is getting ready to protect Android users from a new exploit dubbed Spectre. The latter can affect processors from Intel, AMD and ARM which means that mobile devices are vulnerable. An affected handset can leak sensitive information including passwords. The good news is that it is not as easy to exploit compared to other vulnerabilities. Since Spectre can infiltrate cloud servers, customer data belonging to corporations could be at risk.
Google has a posting online that explains how these vulnerabilities can affect its products. The company says that exploitation on Android is difficult and limited. The January Android security patch will protect devices running the open source OS. Google also states that Google Search, YouTube, Google Ads products, Maps, Blogger, and the customer data held by Google, are protected. So are Gmail, Calendar, Drive, Docs, and other G Suite services.
Another new exploit called Meltdown is designed to affect only devices powered by Intel processors. It is easier to exploit than Spectre, and can steal secrets buried inside a PC.
If you own an Android device, make sure that you install the January Android security patch as soon as you receive it.
"Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents."-Meltdownattack.com