Apple to patch SLAP and FLOP web browser vulnerabilities

Apple plans to patch two new speculative execution attacks, SLAP and FLOP, that impact recent Apple chips, according to data shared today by Georgia Tech students who discovered the vulnerabilities.

Several Apple A-series and M-series chips are affected, including the A15 and later and the M2 and later, which are found in the following:

• 2022 and later Mac notebooks
• 2023 and later Mac desktops
• 2021 and later iPad models
• 2021 and later iPhones

Juli Clover for MacRumors:
‎

Apple told Bleeping Computer that it has not yet patched the flaws. “We want to thank the researchers for their collaboration as this proof of concept advances our understanding of these types of threats,” Apple said. “Based on our analysis, we do not believe this issue poses an immediate risk to our users.”

SLAP affects Safari, while FLOP affects Safari and Chrome. Other browsers like Firefox could be affected too, but have not been tested. There is no evidence that SLAP and FLOP have been executed in the wild.

‎
MacDailyNews Note: More info about how SLAP and FLOP work can be found here.

We are currently about 1/4th of the way to being sustainable with Substack subscriptions.

Please tell your Apple-loving friends about MacDailyNews on Substack and, if you’re currently a free subscriber, please consider $5/mo. or $50/year to keep MacDailyNews going. Just hit the subscribe button. Thank you!

Read on Substack

‎
Please help support MacDailyNews — and enjoy subscriber-only articles, comments, chat, and more — by subscribing to our Substack: macdailynews.substack.com. Thank you!

Support MacDailyNews at no extra cost to you by using this link to shop at Amazon.

The post Apple to patch SLAP and FLOP web browser vulnerabilities appeared first on MacDailyNews.