CPU Security Flaw Update

January 17th, 2018 by Jennifer Lough

If you’ve been keeping up with the news, you may have heard about Spectre and Meltdown, which exploit vulnerabilities in the processor chips in both devices and cloud infrastructure. These vulnerabilities almost certainly apply to you. They are in modern processor chips made by Intel, AMD, and ARM Holdings. For those who are not aware or need a refresher, Meltdown and Spectre work by accessing computer memory and stealing data from other programs or applications. Meltdown compromises the separation of application and operating system. An attacker could use one program to access other parts of the operating system and find sensitive data. Spectre breaks the separation between applications or programs. In this exploitation the attacker can access other programs from one unrelated program. Normally, all programs would be isolated from one another and from the sensitive data in the OS. Read the rest of this entry »