Home > Security & Privacy
Meltdown And Spectre CPU Flaws Threaten Pcs, Phones And Servers
January 4th, 2018 | 09:54 AM | 618 views
Here's what you need to know to protect yourself. (Install updates.)
By now you've probably heard about a bug Intel is dealing with that affects processors built since 1995. But according to the people who found "Meltdown" and "Spectre," the errors behind these exploits can let someone swipe data running in other apps on devices using hardware from Intel, ARM and AMD. While server operators (like Amazon) apply Linux patches to keep people from accessing someone else's information that's being executed on the same system, what does this mean for your home computer or phone?
Google's Project Zero researchers identified the problems last year, and according to its blog post, execution is "difficult and limited" on the majority of Android devices. A list of potentially impacted services and hardware is available here, while additional protection has been added in the latest Android security update.
In a statement, Microsoft said: "We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD." In a blog post directed towards customers on its Azure server platform, the company said its infrastructure has already been updated, and that a "majority" of customers should not see a performance impact.
Apple has not publicly commented on the issue, however security researcher Alex Ionescu points out that macOS 10.13.2 addresses the issue and said that the 10.13.3 update will include "surprises."
According to AMD, "Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time," however it has promised further updates as the information comes out. As for ARM, it says most processors are unaffected but it has specific information on the types that are available here.
So what does this mean for you? On your devices the prescription is the same as always -- make sure you have the latest security updates installed and try to avoid malware-laden downloads from suspicious or unknown sources.
courtesy of ENGADGET
by Richard Lawler
If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at firstname.lastname@example.org