Just after the Intel Management Engine fiasco, Intel makes news headlines again. Massive vulnerabilities in virtually every CPU they’ve released in the last decade have been discovered and its not pretty. There’s a lot of technical language in many of the news articles that have been published so far; however, the bottom line is that these vulnerabilities have the potential to give hackers unlimited access and control over the affected machines. Intel processors are the most vulnerable and this is a hardware issue that cannot easily be patched. So far, every major OS is affected including Microsoft Windows, Apple’s Mac OSX, Linux distributions, ChromeOS and more. The two known vulnerabilities have been dubbed “Meltdown” and “Spectre,” the latter of which also affects AMD processors and mobile CPU’s such as ARM processors. While all modern processors are affected by the “Spectre” vulnerability, AMD claims that their processors have a “near zero risk” of being affected by “Meltdown” because of the differences in the architecture of their processors. Both the chip manufacturers and OS developers are working hard to plug the security holes. Microsoft released a patch yesterday, January 3rd. Apple will be adding protections against “Meltdown” on January 6th in macOS High Sierra 10.13.2. Google Chromebooks were updated in Chrome OS 63, which was released on December 15.
So what’s the bottom line? Make sure you download and install all of the latest updates for all of your devices as soon as possible. The one downside, these updates are virtually guaranteed to reduce the speed of your devices. Experts are saying performance of certain applications could be reduced anywhere from 5% to as much as 30% as a result of the necessary software updates…
If you’ve been thinking about purchasing a new computer or device, you may want to hold off a little longer until the chip manufacturers work this out.
Links:
https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability)
https://en.wikipedia.org/wiki/Spectre_(security_vulnerability)
https://www.techrepublic.com/article/massive-intel-cpu-flaw-understanding-the-technical-details-of-meltdown-and-spectre/
https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html
https://mspoweruser.com/microsoft-explains-changes-made-edge-address-spectre-vulnerability/
Leave a Reply