![]() ![]() ![]() Both Meltdown and Spectre can essentially erode the boundaries in a machine that seperate one client's data from another. The risk is especially severe for cloud computing providers, which lease their servers to different clients. Attacks that exploit the two vulnerabilities are also difficult to detect and don't leave any traces. ![]() "While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs," the researchers wrote.ĭesktops, laptops, cloud servers, and smartphones are affected by one or both vulnerabilities, the researchers warn. The other vulnerability, dubbed Meltdown, was found mostly in Intel processors as far back as 1995 it's unclear whether AMD or ARM-based chips have the same problem.īoth bugs can essentially help malware grab data stored in sensitive programs, including a password manager or browser. One vulnerabilty, named Spectre, was found in AMD and ARM-based chips, too. Intel also isn't the only vendor affected. The Graz researchers had intended KAISER to solve a far less serious issue than Meltdown or Spectre their focus was on hiding the location of a computers memory from malicious, not necessarily. UPDATE 2: The Intel flaw involves two vulnerabilities that can be used to steal your passwords, emails and any other sensitive data you have on your computer, according to the security researchers who uncovered the bugs. You read that right, once your system is patched it may run 30 percent slower for certain tasks. Current estimates suggest that hit could be as high as 30 percent. Closing the security hole will result in a significant performance hit to each system. Intel fails to get Spectre, Meltdown chip flaw class-action super-suit tossed out JanuTH Author Intel will have to defend itself against claims that the semiconductor goliath knew its microprocessors were defective and failed to tell customers. The vulnerability alone is bad enough, but the fix makes the situation even worse. So that includes your passwords, login keys or any files that happen to be cached when unauthorized access occurs. It is therefore extremely important the kernel memory remains secure due to the sensitive information it can contain.Īlthough nobody outside of Intel knows the specifics, the flaw is thought to be so serious it could allow any software, even a bit of JavaScript running in a web browser, to access and steal data stored in the protected kernel memory. The kernel is the core of an operating system and controls anything and everything running on it. As The Register reports, the flaw is thought to allow user programs to gain access to protected kernel memory areas. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |