![]() Pretty much all chips from all major manufacturers created in the last 20 years are affected by Spectre or Meltdown, or both.Īlthough Intel was the first to be identified and the first to acknowledge the problem both in private and in public ARM and AMD CPUs are also affected.Īll three have issued patches for their components (more information on that below), typically consisting of microcode mitigations. ![]() ![]() More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable, that means all popular operating systems, including Windows, Linux, and macOS (opens in new tab) are affected. Almost every system is affected by Spectre, including desktops, laptops, cloud servers, and even smartphones. Spectre is much more widespread, however. ARM says some of its processors are also affected. ![]() Meltdown mostly affects Intel processors and at the moment, it is unclear whether AMD processors are also affected. It depends on the attack you're looking at. However, it is possible to prevent specific known exploits based on Spectre through software patches. It breaks the isolation between different applications and allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. The official Spectre website (yes, there is one) s tates that while Spectre is more difficult to exploit than Meltdown, it is also harder to mitigate. Doing so leaks data that should stay private.Ī Spectre attack needs more knowledge of the victim program's inner workings, and doesn't permit access to other programs' data, but will also work on just about any computer processor out there. A chip performing speculative execution would start carrying out Y before the user chooses to perform X, to get a headstart on computation. Spectre, on the other hand, gets its name from a procedure known as "speculative execution" that is supposed to help computers carry out actions in a non-linear fashion, improving the speed of execution.įor instance, if the program a user is running follows an 'if X, then Y' rule, then if a user chooses to perform X, the chip must then work on carrying out Y. In side-stepping these defences, Meltdown permits attackers or malware to access and pry on data they shouldn't be able to. Meltdown is so-called as it has the ability to "melt" the restrictions usually set in place at a chip's hardware level that should, in theory at least, protect sectors of the memory. Both include malicious code gaining access to data that is normally protected by the kernel. Spectre and Meltdown are the names given to the diverse variants of this same vulnerability. By exploiting the kernel in different ways, Meltdown and Spectre have the potential to allow intruders to get access to data previously thought completely protected. The kernel on a computer chip moves data around a chip's various sections of memory in response to what command a user is carrying out.
0 Comments
Leave a Reply. |