Meltdown and Spectre vulnerabilities

Meltdown and Spectre vulnerabilities

Recently, two critical vulnerabilities were discovered in modern processors. Dubbed “Meltdown and Spectre”, these processor chip vulnerabilities are found on personal computers, mobile devices, and in the cloud.

What is Meltdown

Meltdown exploits a flaw in out-of-order execution, a performance feature found in many modern processor chips. The researchers who discovered it have confirmed that it affects every Intel processor since 1995 (with the exception of pre-2013 Intel Itanium and Intel Atom processors). However, they added that it remains unclear whether ARM and AMD processors are also affected by the vulnerability.

If successfully exploited, an attacker can obtain a copy of the entire kernel address space, including any mapped physical memory, in other words, any data stored in memory at the time of the attack.

What is Spectre

Spectre  has a similar outcome but works in a slightly different way, and exploits a flaw in processor design to trick an application into leaking information stored in memory.

According to the team who discovered Spectre, virtually all modern processors are affected by the vulnerability, including Intel, AMD, and ARM chips. Once again, the vulnerability is operating system agnostic.

Now, the best thing to do at this point is to make sure your workstations are up to date with anti-virus packages and be careful with installing applications from unknown vendors as well as attachments.

Get the latest Anti-virus package.

Baron Software does recommend using Symantec/Norton anti-virus package due to the reliability and updates provided.  The support team at Symantec works countless hours to provide security but you need to understand that if you allow a application to be installed then nothing will help you but a removal tool.