2018 would be the gift of another serious vulnerability nobody has expected. Recently the Microprocessor Company Intel took action when security flaw of Meltdown and Spectre came into recognition. Overall millions of computer are been in affect by this security flaw.
The worst news about vulnerability is that it slows down the processor performance by almost 30%. On the other hand, AMD users are safe and not in affect by it.
What really is Meltdown and Spectre?
The Meltdown is a CPU vulnerability that permits a client mode program to access kernel memory. It impacts all Intel processors which are released since 1995 except for Itanium and pre-2013 Atoms. Out of the two vulnerability, Meltdown is the less demanding one to settle and can be fixed by OS updates.
2. Spectre (CVE-2017-5753, CVE-2017-5715)
The Spectre is empowered by the unintended reactions of CPU. It is just like when something processors do to speed things up by receiving instructions and execute them early.
Is this really a Hardware Bug?
What is the biggest impact of this hardware Bug?
Well, “Meltdown and Spectre” hardware bug is the biggest headache for the Intel Company because the vulnerability allows the program to get access to the protected memory of a kernel which can drastically make the biggest impact on computer performance.
If the program gets the access to the secure kernel memory then an attacker can easily install a program to a computer and access anything in your computer by exploiting the kernel like credentials, passwords, important files, bank details and much more.
Here’s the video which can take you into more detail for this security bug:
What is the current solution to this Vulnerability?
Currently, for Meltdown and Spectre all you can do this is to make sure that your OS is up to date with the latest security patches which can block access to kernel memory. As per OS developers, they are changing the kernel functionality of Intel CPU which can prevent the kernel from exploitation.
You can download patches from below Microsoft links:
- For Windows 7 and Windows Server 2008
- Windows 7 SP1 and Server 2008 R2 SP1 — KB4056897 (Security only, issued 1/3/18)
- Windows 7 SP1 and Server 2008 R2 SP1 — KB4056894 (Monthly rollup, issued 1/4/18)
- No patches available for Windows Server 2008 non-R2 version
- Updates for Windows 10
- Patches for Windows 8 and Windows Server 2012
- Windows 8.1 and Server 2012 R2— KB4056898 (issued 1/3/18)
- No patches available for Windows Server 2012 non-R2 version