Computer security researchers recently disclosed two security flaws named Meltdown and Spectre that affects devices using processors from Intel, AMD and ARM Holdings. The security threat affects devices including personal computers, mobile devices and cloud computing platforms and allows hackers to steal critical information generally protected within the kernel memory.
While Spectre affects devices using chipsets from three leading chip manufacturers, Meltdown affects Intel-powered devices in particular and threatens devices manufactured over the past two decades. Chip manufacturers and software developers have been scrambling to patch their devices with security updates since the flaw were first disclosed on Wednesday. Microsoft has issued security patch for Windows 10 machines that automatically get downloaded to prevent any risk while Apple has confirmed that Meltdown flaw has been fixed with the macOS 10.13.2 update.
However, since almost all of the devices in the world rely on microprocessor architectures designed by either Intel, AMD or ARM, it goes by default that all kinds of devices are affected by the security flaw. While software vendors like Microsoft, Apple have patched their operating system for PCs including open-source Linux operating system, the question remained about the security of gaming consoles.
Microsoft has now confirmed that its Xbox gaming consoles including Xbox One, Xbox One S and Xbox One X are not affected by the security flaw. Mike Ybarra, Xbox platform lead, tweeted that the security architecture of Xbox already includes mitigation against Meltdown and Spectre vulnerabilities. The confirmation comes as a relief especially considering the fact that Xbox consoles rely on AMD’s Jaguar platform, which is also affected by the flaw. Sony, the other major console manufacturer, whose Playstation also uses custom AMD processor, has not responded or confirmed about the effect of Meltdown on its game consoles.
Meltdown is a flaw that allows any attacker to access data in the kernel memory that is generally secured from user access. Xbox consoles are mitigated against the flaw should come as a relief but there is no discounting the fact that a larger system of computing devices still remain at the risk of losing critical data including passwords and private web addresses.
Security researchers claim the only way to mitigate the issue is KAISER (Kernel Address Isolation to have Side channels Effectively Removed) and the patches based on KAISER have been issued for modern operating systems like Windows and Apple’s macOS. Those using devices running these operating systems should immediately check for any available update and upgrade their systems with latest security patches.