Massive CPU flaws get a name: Meltdown and Spectre -- what you need to know
Earlier we had reported on a major hardware flaw that could be exploited to compromise systems based on Intel processors released over the last decade. As many of the details of these flaws were being held under embargo, we didn't learn all the details until later.
There are two major flaws that affect all modern computers based on processors from Intel, AMD and ARM. The flaws have received the names Meltdown and Spectre, and both potentially allow hackers to steal personal data from computers, including mobile devices and cloud servers, without leaving a trace. Both holes could be exploited to get access to data stored in the memory of other running programs. A practical example would be your passwords stored in a password manager or browser, your personal emails, or business-critical documents.
If that isn’t bad enough, patching the issue might slow down the performance of a CPU by up to 35 percent (a realistic worst-case scenario). At the moment we're running preliminary tests on Windows 10 covering storage, gaming and applications to see what the immediate effects are to the average user.
Update, we've run some benchmarks: With an emergency fix for Windows 10 already out, we've conducted a set of tests to measure the impact this update has on performance for desktop users, if any at all.
Update #2: Following up to our initial testing, we're looking deeper into the matter by testing a patched desktop system for both Meltdown (OS-level patch) and Spectre (firmware/BIOS update).
The flaws were discovered last year by Google’s Project Zero team, when they demonstrated that malicious code could take advantage of “speculative execution,” a technique used by most modern CPUs to optimize performance. Since then the company put forth efforts to disclose and collaborate with manufacturers across the industry, secure Google’s systems, as well as work on mitigating action.
The coordinated disclosure date for the flaws was January 9, 2018, but because of premature reports and growing speculation and risk of exploitation, the information was revealed sooner and patches are just being made available for some platforms.
Refrence: www.techspot.com/news/72576-massive-cpu-flaws-get-name-meltdown-spectre-what
Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://www.techspot.com/news/72576-massive-cpu-flaws-get-name-meltdown-spectre-what.html
Hey @mbilalihsan,
This is so informative. Keep it up bro:)