Tagged With meltdown

In the past few weeks, the entire information security industry has grown very anxious about Meltdown and Spectre, two classes of exploits that can be used to manipulate vulnerabilities in the way many varieties of modern processors (but especially Intel ones) handle a performance-improving technique called speculative execution and extract hidden system data. While numerous platforms have rushed to roll out patches, and Meltdown appears to be less of an issue than Spectre, it's still unclear just how badly this situation could go.

Shared from The Conversation

The disclosure of the Meltdown and Spectre computer vulnerabilities on January 2, 2018 was in many ways unprecedented. It shocked – and scared – even the experts.

The vulnerabilities bypass traditional security measures in the computer and affect billions of devices, from mobile phones to massive cloud servers.

We have, unfortunately, grown used to attacks on computer systems that exploit the inevitable flaws resulting from vast conceptual complexity. Our computer systems are the most complex artefacts humans have ever built, and the growth of complexity has far outstripped our ability to manage it.

In the wake of Spectre and Meltdown, every major computing company is scrambling to try to find a way to fix, or at least address, the widespread security vulnerabilities at hand. And while things haven't been going great over in the Microsoft camp after the company had to pull its latest security patch, today Google is trying to shore up systems running Chrome OS with a new update, version 64.

It's been nearly a month since The Register first revealed that every single major processor in devices today is subject to a series of harrowing security vulnerabilities known as Spectre and Meltdown. Today, in light of news that Intel informed foreign interests of the vulnerabilities before the US government, and that Microsoft is pulling its latest patch from Intel due to some heinous bugs, we thought we'd revisit the saga and what you can (and cannot) do to protect your data.

This week, news of massive security vulnerabilities afflicting every modern model of Intel processor went public, even as developers for practically every major platform frantically rushed to roll out fixes. Much more information has now become available about Meltdown and Spectre, a group of attack methods malicious parties could use to break into some of the most sensitive inner workings of any device using the affected CPUs.