Tagged With spectre

0

The disclosure of the Meltdown and Spectre computer vulnerabilities on January 2, 2018 was in many ways unprecedented. It shocked – and scared – even the experts. The vulnerabilities bypass traditional security measures in the computer and affect billions of devices, from mobile phones to massive cloud servers.

We have, unfortunately, grown used to attacks on computer systems that exploit the inevitable flaws resulting from vast conceptual complexity. Our computer systems are the most complex artefacts humans have ever built, and the growth of complexity has far outstripped our ability to manage it.

Predicting the future is near impossible -- but that doesn‘t stop us all from having a red hot go. Human beings have been predicting the future since the beginning of history and the results range from the hilarious to the downright uncanny.

One thing all future predictions have in common: they‘re rooted in our current understanding of how the world works. It‘s difficult to escape that mindset. We have no idea how technology will evolve, so our ideas are connected to the technology of today.

0

Researchers at malware and security software testing company AV-TEST have discovered 139 samples of malware that "appear to be related to recently reported CPU vulnerabilities." Although most of the samples they discovered seem to be based on proof-of-concept software created by security researchers the number of unique samples is on the rise.

2

Spectre and Meltdown are the collective names for three different vulnerabilities found in the processors powering a vast number of the computing devices we rely on, from desktop and notebook PCs through to smartphones and other gadgets. And while many people are aware that these vulnerabilities exist and that tech companies are doing their best to plug the leaky bits of code, many aren't really clear on what the problems are.

What follows is a plain English guide to Spectre and Meltdown.

0

The biggest tech news of the summer has, arguably, been the revelation that CPUs in a massive number of computer systems are susceptible to three different vulnerabilities. Two of these, CVE 2017-5753 and CVE 2017-5715, have been dubbed Spectre with the third, CVE 2017-5754, given the Meltdown moniker. Tech companies around the world have been scrambling to provide mitigations to these vulnerabilities. Microsoft has provided some detail on what they've done and what performance impact you can expect.

0

While we were sleeping Apple dropped an update for iOS users that addresses Spectre - the two vulnerabilities that make it possible for items in kernel memory to be available to user processes. Although there aren't any known exploits for this, and the related Meltdown vulnerability, in the wild the update is an important one for all iOS users.

Shared from Gizmodo

1

Security researchers revealed disastrous flaws in processors manufactured by Intel and other companies this week. The vulnerabilities, which were discovered by Google's Project Zero and nicknamed Meltdown and Spectre, can cause data to leak from kernel memory -- which is really not ideal since the kernel is central to operating systems and handles a bunch of sensitive processes.

Shared from Gizmodo

0

This week, news of massive security vulnerabilities afflicting every modern model of Intel processor went public, even as developers for practically every major platform frantically rushed to roll out fixes. Much more information has now become available about Meltdown and Spectre, a group of attack methods malicious parties could use to break into some of the most sensitive inner workings of any device using the affected CPUs.