‘Meltdown’ And ‘Spectre’ Security Flaws Affect ‘Virtually All’ Computers

Two newly revealed security flaws exploit modern processors to affect virtually every modern computer in use, potentially allowing hackers to “steal the entire memory contents of computers.”

The two flaws are known as Meltdown and Spectre, and the possibility of data theft they present extends to mobile devices, personal computers, and servers within cloud computer networks, The New York Times reports.

Meltdown

Though the flaws have been revealed at the same time, they must be handled in different ways. Meltdown affects “virtually every microprocessor made by Intel.” The widespread use of Intel microprocessors almost goes without saying, but the report notes that Intel chips are “used in more than 90 percent of the computer servers that underpin the internet and private business operations.”

Meltdown can be fixed with a patch, but those software patches could slow down system performance by as much as 20-30 percent.

Spectre

Spectre is a bit trickier, in that it’s harder to exploit — and harder to fix. The flaw affects most processors and there is no known fix, although some patches can prevent specific exploits. Further details on both flaws can be found at the website Meltdown Attack, which features research papers on Meltdown and Spectre.

While Meltdown only affects Intel chips, Spectre “is a problem in the fundamental way processors are designed,” and a new generation of chips may be required to fix the flaw. Researcher Paul Kocher said the threat from Spectre will linger for decades.

“We’ve really screwed up,” Kocher told the Times. “There’s been this desire from the industry to be as fast as possible and secure at the same time. Spectre shows that you cannot have both.”

In The Wild

Though there are proof-of-concept attacks, it’s unknown if either flaw has been exploited “in the wild” yet. But companies are already taking steps to secure computers and update their systems. Be sure to check with your manufacturer on what’s being done with your specific computer.

One thing is for certain: these flaws are unprecedented. Our only hope is that companies will be able to issue patches which are effective enough to prevent attacks, and that would-be attackers will have a tough time exploiting the flaws — especially Spectre.

Phil Dzikiy

Phil Dzikiy

Phil Dzikiy is the former editor in chief of Security Baron. Before, he has worked as a freelance writer and editor at websites like Wirecutter.com and iLounge.com along with publications like the Lockport Union Sun & Journal and the Greater Niagara Newspapers. With digital and print experience under his belt, Phil has a passion for all things technology including home security, cyber security, and the smart home. His bachelor's degree in Journalism from the University of Maryland College Park initially landed Phil his first job at the Beaver County Times, which has lead to over 15 years of experience as a journalist.

Leave a Comment

Trending News

Follow Us

Reviews