Every phone, tablet and personal electronic device is vulnerable to a bug that is an open door to hackers, according to technology experts.
Security flaws discovered in processors shipped by Intel, AMD and ARM give hackers a potential back door to steal data, including passwords and banking information.
Microsoft and Apple confirm all their devices are impacted by the bug.
The exploit could affect any device shipped by any vendor regardless of the operating system.
Google’s Project Zero research team uncovered the flaws – dubbed Spectre and Meltdown.
Worst flaw ever found
Researchers claim that Meltdown could be the ‘worst CPU bug ever found’.
Meltdown has sat in every Intel processor to come off the production line since 1995.
Engineers say the exploit can be fixed with a series of updates, but that the changes could make devices run up to 30% slower.
Spectre affects more modern processors produced by a range of manufacturers and is harder to fix, say engineers, but also harder for hackers to exploit.
“Intel has begun providing software and firmware updates to mitigate these exploits,” said an Intel spokesman.
“Any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”
Run on Intel stock
Google’s research team do not know if hackers had already exploited Meltdown or Spectre and that detecting hacks would be difficult as intrusions would not leave any traces in log files.
The discovery was made in June 2017, but Google and Intel decided not to break the news until January 9 to give time for security patches to be ready.
However, the news leaked over Christmas resulting in a 3.4% slide in stock values for Intel.
The companies then decided to announce news of the flaw early to protect Intel’s market position.
“All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time,” said Apple. “Although the security flaws make it possible to steal data using malicious software, there was no evidence to suggest that this had happened.”
Technology companies are advising customers to update their devices and but to only download software from trusted sources, such as app stores.