Two newly disclosed processor vulnerabilities threaten the security of devices around the globe, but Google is here to tell you that it totally has your back. Well, for one of them, at least.
The Mountain View-based company explained Wednesday on its security blog that it’s been aware of the risks posed by the “speculative execution” vulnerability for some time now, and has been working to fix potentially at-risk systems.
“As soon as we learned of this new class of attack, our security and product development teams mobilized to defend Google’s systems and our users’ data,” Google explained in the blog post. “We have updated our systems and affected products to protect against this new type of attack.”
Someone exploiting this bug could theoretically steal passwords and other sensitive data off a computer. In other words, it’s bad.
Importantly, it appears the Google blog post specifically addresses the vulnerability dubbed Spectre, and not necessarily Meltdown. Thankfully, however, Meltdown patches do exist — Microsoft, for example, already issued one.
Google helpfully published a detailed list noting “affected Google products and their current status of mitigation against CPU speculative execution attack methods.” It includes steps that the company has already taken, and has suggestions for users of various products like Chrome (and you should probably heed the company’s security advice).
A few of the highlights: Updated Android devices (because this threatens mobile too) are protected, as are fully updated and supported Nexus and Pixel devices. You also don’t need to stress about Gmail or G Suite.
Either way, Google clearly wants you to know that even if everything is totally messed up in the world of cybersecurity, it’s still looking out for you.