![]() “It is important to note that this method is dependent on malware running locally which means it's imperative for users to practice good security hygiene by keeping their software up-to-date and avoid suspicious links or downloads,” said the company in its briefing note. The company also advises its users to ensure that users are careful to follow good practice to stay as safe as possible. Both AMD and Intel have been affected by Spectre and Meltdown, but Intel has historically been hit harder. ARM has put out a security briefing note, indicating which chips could have been affected by Spectre. A new Meltdown-style security flaw has been detected, this time on AMD CPUs. In a statement, Intel said it was working with ARM and AMD to address the flaw. There are, however, no known attacks in the wild. As part of its ongoing efforts to patch its systems against the Meltdown and Spectre chip flaws, Intel indicated last month that it would be issuing fixes as far back as 2005s Yorkfield processors. However, the bad news is that there’s no known fix for the flaw. There’s good and bad news about Spectre: the, relatively, good news is that it’s a harder flaw to exploit, not something that’s likely to be exploited by the archetypal teenage hacker sitting in his bedroom, but it’s a weakness that could well be exploited by state security services and criminal gangs. Both attacks use side channels to obtain the information from the accessed memory location.” Good and bad news Microsoft says it began investigating SSB in November, after Spectre and Meltdown were already being researched, but before the flaws were publicly disclosed in January. This article has been indexed from The Register Security. Spectre tricks other applications into accessing arbitrary locations in their memory. Intel fails to get Spectre, Meltdown chip flaw class-action super-suit tossed out. Consequently, applications can access system memory. ![]() ![]() “Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. The recent discoveries of new vulnerabilities on the computer chips that power most of our computers have left practitioners scrambling to come up with. Jann Horn’s team at Google Project Zero also identified Spectre first, but researchers from a variety of institutions also confirmed the flaw.Ī blog post from the team at the Graz University sets out the difference between the two flaws. 4, that the macOS 10.13.2 patch released on Dec. ![]() The vulnerability was then picked up by teams at Graz University of Technology and Cyberus Technology. Mac users, it turns out, have been protected from Meltdown since last month, with Apple confirming late on Thursday, Jan. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |