Domingo, 21 Enero 2018
Ultimas noticias
Casa » New Intel patches promise immunity to Meltdown and Spectre attacks

New Intel patches promise immunity to Meltdown and Spectre attacks

14 Enero 2018

In the wake of the discovery, Google's Project Zero and others have published a detailed report on the case.

The Google Security team wrote that they began taking steps to protect Google services from the flaw as soon as they learned about it. If you're wondering why they didn't tell the public about it as soon as they learned about it, it's because there was supposed to be a coordinated release coming up next week (on January 9th). Intel has also gone on record to say that the issue was caused due to a 'bug' or 'flaw' in the design is wrong. "Based on the analysis to date, many types of computing devices, with many different vendors' processors and operating systems, are susceptible to these exploits", the company said in a statement.

Gruss said that Meltdown is the more serious current problem, although the bug's Intel-specific nature makes it easier to patch with software. Whereas, AppleInsider reports that Apple released an update of macOS 10.13.2 on 6th of December, last year. which already fixed the kernel security bug.

Intel also acknowledged that the patch will slow down its chips in some instances, but the slowdown will be workload-dependent.

While Spectre affects devices using chipsets from three leading chip manufacturers, Meltdown affects Intel-powered devices in particular and threatens devices manufactured over the past two decades.

The modern CPU architectures assume that there are certain things which work around the kernel.

Intel is facing three class-action lawsuits as the company continues to grapple with fallout after it acknowledged its chips were vulnerable to two massive security bugs.

"Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system". Spectre comes from the root cause of the flaw, which is speculative execution. Further details on this flaw have not been disclosed by Intel. It said that it had already protected nearly all instances of AWS and that customers must update their own software running atop the service as well.

However, Intel said it is working with its tech partners such as AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue "promptly and constructively".

New Intel patches promise immunity to Meltdown and Spectre attacks