Tech companies are still working overtime on patching two critical vulnerabilities in computer chips that were revealed this week. The flaws, dubbed “Meltdown” and “Spectre,” could let hackers get hold of passwords, encryption keys, and other sensitive information from a computer’s core memory via malicious apps running on devices.

How many chips are affected? The number is something of a moving target. But from the information released so far by tech companies and estimates from chip industry analysts, it looks as if at least three billion chips in computers, tablets, and phones now in use are vulnerable to attack by Spectre, which is the more widespread of the two flaws.

Apple says all its Mac and iOS products are affected, with the exception of the Apple watch. That’s a billion or so devices. Gadgets powered by Google’s Android operating system number more than two billion, the company said last year. Linley Gwennap of the Linley Group, which tracks the chip industry, thinks the security flaws could affect about 500 million of them.

As practically all smartphones run on iOS and Android—sorry, BlackBerry holdouts—this pretty much covers the mobile-device landscape.