Ryan recent years. The vulnerability was discovered

Ryan Matheu

P.I.D. #: 3611448

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!


order now

Weekly News Article

Spectre and Meltdown

               Spectre
and Meltdown are two of the most serious and widespread vulnerabilities exposed
in recent years. The vulnerability was discovered in early 2017, where three
separate groups of researchers reported the vulnerabilities to Intel in June
2017. Although these vulnerabilities are exploited differently, they are both
after the same thing, sensitive information, by exploiting simultaneous
execution, which allows the hacker to see, unencrypted segments of encrypted
memory. Meltdown is a vulnerability where a hacker is able to bypass the
protection barrier between hardware and the kernel and access root information
about the system, which includes search history, saved passwords, documents,
etc; essentially any part of the system they like. While Spectre on the other
hand, is a vulnerability where the hacker essentially tricks programs, or
applications, into giving up sensitive information. This isn’t a vulnerability
in the code itself, but that in how the CPU processes and responds to requests
for information from certain programs/applications. As of now, Spectre affects
all major processors produced after 1995, including Intel, AMD and ARM, which
includes the vast majority of modern computers and smartphones, with very few
exceptions. While Meltdown currently is only known to affect Intel CPUs.

               Although
it may seem like the end of technological security, it is still unclear whether
these vulnerabilities are being utilized by hackers in order to obtain
sensitive information as these attacks are hard to trace; however, I’m sure
there have been various incidents where these vulnerabilities were exploited to
obtain sensitive information. Shortly after these vulnerabilities were
discovered all major companies which were affected began releasing patches to
help mitigate the risk. Between the two, it is said that the easier of the two
vulnerabilities to control would be Meltdown, however, patches have been
released for both. The biggest problem with Spectre is that it resides in the
application, which includes even certain websites that utilize, for example,
JavaScript which makes it far easier to spread across a wide range of users.

               The good
news is, you don’t have to go dark just yet, and stop using all your electronic
devices. As stated above many company’s such as Microsoft, Google, and Apple,
amongst many others have already released various patches to help mitigate risk
associated with Spectre and Meltdown. This doesn’t mean we’re in the clear just
yet as these patches aren’t full-proof, but they do substantially reduce
vulnerability exposure across their respective platforms.

               The only
thing we can really do, as users, to reduce our exposure is to ensure that the
Operating Systems and Applications we use stay up-to-date with the latest
patches. Although this is a more proactive approach which still leaves us
vulnerable until a fix for an exploit is created, that is how vulnerabilities
are assessed, at least most of the time.

Please see link below:

https://www.theguardian.com/technology/2018/jan/04/meltdown-spectre-computer-processor-intel-security-flaws-explainer

Go Top
x

Hi!
I'm Eleanor!

Would you like to get a custom essay? How about receiving a customized one?

Check it out