Security flaw discovered in the Intel chips, processor performance will drop by 5 to 30 percent after patch

A security flaw was discovered on intel processors as far as back to 1995. The systems will require an OS level update and it will slow down the PC performance by 5 to 30 percent.

So what is the security flaw ? Basically, there is a bug at the kernel level which has been found to be leaking memory. This allows hackers to instlal malware to steal passwords etc. As most desktop, notebooks and data centres are x86 powered, what would happen if data centres are compromised ? There will be massive data stolen.

As this is a CPU issue, it does not matter if you are running a Windows, MacOS or Linux user. The bug is given the name Meltdown is the name given to the vulnerability which affects Intel chips whereas Spectre is the name been given to vulnerabilities in other chip vendors and affects all chips, including ARM, Intel and AMD.

The system kernel is the middle man between the devices in the lower level and instructions passed to the OS and application system. Meltdown lets malicious software break this protection. This attack lets a program access the memory and the operating system. Systems with vulnerable processors and those running an unpatched OS, need to beware and not work with sensitive information. It was discovered by Jann Horn (Google Zero Project), Werner Haas and Thomas Prescher (Cyberus Technology) and Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz (Graz University of Technology).

Spectre, on the other hand, breaks the isolation between different applications, which will let hackers into tricking programs to leak their secrets. This affects not just PCs, but also mobile phones, embedded devices and other devices housing a chip. Spectre was reported by Jann Horn (Google Project Zero) and Paul Kocher in collaboration with, in alphabetical order, Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus), Moritz Lipp (Graz University of Technology), and Yuval Yarom (University of Adelaide and Data61).

Currently, there are no known misuse by exploiting the Meltdown or Spectre vulnerabilities that have been recorded yet. A FAQ is available online where you can find update fixes to your system.

Leave a Reply

Your email address will not be published.