Update: Apple later confirmed that all iOS devices were affected, and that the problem had been patched in iOS 11.2.
A security update by ARM suggests that a number of iPhones, iPads, iPods and Apple TVs may be affected …
An ARM Processor Security Update lists processors known to be susceptible. These include the Cortex-A8, Cortex-A9 and Cortex-A15.
While Apple designs its own A-series chips for iOS devices, these are based on ARM architecture. A number of A-series chips include at least some elements of the Cortex-A8, -A9 and -A15 processors, and so may also be susceptible.
The A4 chip includes a Cortex-A8 processor and is used in the iPad (1st gen), iPhone 4, iPod Touch (4th gen) and Apple TV (2nd gen).
The A5 and A5X chips include dual-core Cortex-A9 processors. The A5 is use in the iPad 2, iPad mini (1st gen), iPhone 4S, Apple TV (3rd gen) and iPod Touch (5th gen). The A5X is used in the iPad (3rd gen).
The A6 features some elements of the Cortex-A15, and is used in the iPhone 5 and iPhone 5C.
This suggests that the list of known devices which may be affected is:
- iPhone 4
- iPhone 4S
- iPhone 5
- iPhone 5C
- iPad (1st gen)
- iPad 2
- iPad (3rd gen)
- Apple TV (2nd gen)
- Apple TV (3rd gen)
- iPod Touch (4th gen)
- iPod Touch (5th gen)
However, with the full bug findings still not disclosed, it is possible that additional iOS devices may also be susceptible. Intel CEO Brian Krzanich told CNBC that a huge range of products would be affected, but the impact would vary.
Phones, PCs, everything are going to have some impact, but it’ll vary from product to product.
ARM says that the risk of exploitation is low.
It is important to note that this [attack] method is dependent on malware running locally which means it’s imperative for users to practice good security hygiene by keeping their software up-to-date and avoid suspicious links or downloads.
If iOS devices are impacted, Apple will be able to patch them via a software update exactly as it is reported to have done for macOS, but the performance impact is as yet unknown.