Sales: 844.796.1717   •   Support: 801.999.4767
See Service Pricing

“Meltdown” CPU Security Flaw Found in Almost ALL Computers

“Meltdown” CPU Security Flaw Found in Almost ALL Computers
Written By   Eric Woodard, CISSP
January 4, 2018 Hardware Tech News
Security

A new security vulnerability has been discovered inside nearly all processors created in the last 20 years. The vulnerabilities named Meltdown and Spectre were independently discovered recently. The newly discovered vulnerabilities can allow an attacker to infiltrate the privileged memory of a processor by exploiting the way processes run in parallel. This can result in an attacker being able to steal just about any of the data on the system, including passwords and keystrokes.

About Meltdown

The bug essentially melts security boundaries down, which are normally enforced by the hardware to protect it. Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory.

About Spectre

The root cause of Spectre is speculative execution, which how the name came about. It is also not easy to fix, so it will haunt our systems for a while. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location.

Microsoft quickly released a patch for the bug for Windows 10 devices, but this will only fix part of the problem. Browsers will also need to release security updates. Google has said they will be releasing an update with the included patch by the end of the month. Firefox and Microsoft’s browsers (Internet Explorer and Edge) have already released updates. No word on when Safari may see a patch for the vulnerability.

You will also want to check with your device manufacturer to update the BIOS on your computer.

Installing these updates will only currently cover protection against Meltdown, which poses a more immediate threat to systems. Spectre is still being researched, and currently appears to be much more difficult to exploit than Meltdown. The fix for Spectre will also be more complicated, as The New York Times reports that Spectre fixes will require a redesign of the processor and hardware changes. We may be dealing with the aftermath of Spectre for a long time. Who is ready to call for an exorcism?

 

Tags: Intel Meltdown Spectre
Share:
Eric Woodard

Eric is the owner and CEO of Protek Support and is a CISSP (Certified Information Systems Security Professional). He graduated from Utah State University with a Bachelors of Science degree in Business with an emphasis in Information Technology (IT). He is an IT Services expert in a variety of technology related fields. Some of these fields include document management software/hardware, enterprise level networking and VoIP phone systems, as well as large scale software implementation projects and the setup of small business networks.

Related Posts

December 4, 2020

Four Reasons Technology Fails (and what do about it)

October 2, 2020

Top 10 Technology Considerations When Planning an Office Move

Post your Comment

Archives

Categories