Science

Watch the Meltdown CPU exploit in action

Watch the Meltdown CPU exploit in action”

Some fixes, in the form of software updates known as patches, have been introduced or will be available in the next few days, said Intel, which provides chips to about 80% of desktop computers and 90% of laptops worldwide. Gadgets powered by Google's Android operating system number more than 2 billion, the company said past year.

But based on information released so far by tech companies and estimates from chip industry analysts, it looks like at least 3 billion chips in computers, tablets and phones now in use are vulnerable to attack by Spectre, which is the more widespread of the two flaws.

Intel and AMD both said that Google told the companies about the threats last summer.

"Right now it's kind of tricky to take advantage of it", Daly said.

The first reports suggested that a bug affected exclusively chips made by Intel, but it has since emerged that a separate flaw, Spectre, has been found in Intel, ARM and AMD chips.

"In addition to the security considerations raised by this design flaw, performance degradation is expected, which could require more processing power for affected systems to compensate and maintain current baseline performance", FS-ISAC said. "Intel is committed to responsible disclosure". Intel has denied this, saying that "any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time". "There will need to be consideration and balance between fixing the potential security threat vs the performance and other possible impact to systems". "Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available", the company said. In a post on its website, Apple said updates to its operating systems for iPhones (iOS 11.2), Macs (macOS 10.13.2), and Apple TVs (tvOS 11.2) would defend against Meltdown. It will be releasing security patches for users of older Chromebooks, while there will also be a fix for users of the Chrome web browser.

Microsoft said they have not received "any information to indicate that these vulnerabilities had been used to attack our customers", according to a statement to The Verge.

Spectre
NATASCHA EIBL

On servers such as those run by Google Cloud Services, Amazon Web Services or Microsoft Azure for corporate customers, hackers can even steal data from multiple customers.

The second flaw, known as Meltdown, allows hackers to "melt" security boundaries between user applications and the operating system normally enforced by hardware. It said Android phones with the latest security updates were protected, and that Gmail was safe. But AMD also told its customers that "total protection from all possible attacks remains an elusive goal" and encouraged them to regularly update their software.

Intel said in a statement on Wednesday that it believes the flaws "do not have the potential to corrupt, modify or delete data".

On Thursday, Intel's stock closed down 1.8 percent to $44.43 a share.

However, there are now no known attacks that have exploited these flaws, according to the Google researchers.

In the original report, researchers said the vulnerability affects "virtually every user of a personal computer".

The security flaws, dubbed Meltdown and Spectre, affect nearly all devices running Intel, ARM and AMD processors, according to the researchers who revealed their findings. "Most of the software vendors welcome that interaction as long as you see this disclosure in private first, so you have a chance to fix the bugs".



Like this

loading...
loading...

Latest


06 January 2018
US Sanctions 4 Venezuelan Officials, Citing Corruption
Falling oil prices, political unrest, and corruption have decimated the country's economy and led to deadly protests under Maduro. On Nov. 9 of a year ago , the U.S.

06 January 2018
US imposes sanctions on 5 Iranian entities
No less is expected from European leaders, who need to be more vocal in opposing violence against Iran's peaceful demonstrators. Ambassador Nikki Haley portrayed the protests as a human rights issue that could spill over into an worldwide problem.

06 January 2018
Granite Point Mortgage Trust (GPMT) Given News Sentiment Score of 0.30
Stratos Wealth Ptnrs Limited stated it has 15,247 shares or 0.18% of all its holdings. 40,086 are held by Veritable L P. Wells Fargo & Co started coverage on shares of Blackstone Mortgage Trust in a research note on Wednesday, December 6th.

06 January 2018
Fiera Capital Corp Boosts Stake in Taiwan Semiconductor Mfg. Co. Ltd. (TSM)
The stock of Taiwan Semiconductor Manufacturing Company Limited (NYSE: TSM ) earned "Hold" rating by HSBC on Wednesday, June 21. After having $0.57 EPS previously, Taiwan Semiconductor Manufacturing Company Limited's analysts see 5.26% EPS growth.

06 January 2018
Range Resources Corporation (NYSE:RRC), Match Group, Inc. (NASDAQ:MTCH)
Vertex Pharmaceuticals Incorporated (NASDAQ:VRTX) earnings have risen with a quarterly rate of 3.8% over the last 5 years. Nordea Investment Management AB increased its holdings in shares of Range Resources by 33.2% in the 3rd quarter.

06 January 2018
Today Analysts Focus on Weyerhaeuser Company (WY), Tesla, Inc. (TSLA)
Tesla Motors, Inc. (NASDAQ:TSLA) now has a Weekly Volatility of 2.44% percent while its Monthly Volatility is at 2.68% percent. It increased, as 93 investors sold TSLA shares while 134 reduced holdings. 57 funds opened positions while 119 raised stakes.

06 January 2018
Renowned celebrity chef Zubaida Tariq passes away at 72
With a formal-sounding name, Mrs Zubaida Tariq, Apa, made her TV debut back in 1996 when she was in her 50s. They settled in Karachi , PIB Colony, where she lived with her five older sisters and four brothers.

06 January 2018
The Blackstone Group LP (NYSE:BX) Future Growth Projections From Analysts
The company holds a market cap of 40.25B with a P/E of 14.35 indicating whether its share price properly reflects its performance. It turned negative, as 29 investors sold BX shares while 155 reduced holdings. 52 funds opened positions while 177 raised stakes.

06 January 2018
@SenatorWicker Pleased FEMA Will Allow Disaster Aid for Houses of Worship
The churches filed a lawsuit against FEMA over its policy accusing the agency of religious discrimination. Another request for an emergency injunction for these churches has been pending at the Supreme Court.

06 January 2018
State lawmakers expected in new session to debate legalizing pot
Driving while under the influence remains illegal, and one's marijuana stash must be kept in a closed container or in the trunk. Colorado's US attorney, Bob Troyer, said his office won't change its approach to prosecution, despite Sessions' guidance.