Meltdown and Spectre Bugs | Basics You Should Know
The year has just started and we already
have two major vulnerabilities as new year gift, impacting almost all the
processors made in the last 20 years. 2018 looks even worse if think 2017 was
the year of security nightmares.
So here I am going to brief about them
and try to summarize it as simple as possible.
Before started let’s look at what are Meltdown and Spectre?
Meltdown and Spectre are similar vulnerabilities that impact the processors of
a computer (also called CPU). Your smartphone and tablets are also a type of
computer and thus these ARM CPU vulnerabilities may also impact them.
Bugs
steal information from the deepest, most protected part of a computer's
operating system, known as the kernel, no longer spat out random characters but
what appeared to be real data siphoned from the sensitive guts of his machine:
snippets from his web browsing history, text from private email conversations.
Although both are similar but not the
same.
Meltdown
It allows a program to access the Kernel’s
private memory areas.
Meltdown vulnerability allows a program
to access the kernel’s private memory areas which can contain the secrets
(including passwords) of other programs and the operating system.
This vulnerability is exclusive to
Intel CPUs and it can be exploited on shared cloud systems. Thankfully, it can
be patched by system updates. Microsoft, Linux, Google, and Apple have already
started to provide the fix.
Spectre
It also deals with kernel memory but it
is somewhat different. This vulnerability actually allows a malicious program
to trick another process running on the same system to leak their private
information like your web browser to reveal the password in use.
This vulnerability impacts Intel, AMD
and ARM devices. This also means that chips used in smartphones and tablets are
also at risk here.
Unlike Meltdown, Spectre is hard to
patch but also hard to exploit. Patches are under development might release
soon.
If you ask me how to protect your computer from them than I
am also helpless as you are because the only thing we can do is to wait for the
patches update. Most of the Linux distros have already released the patches,
other distros and Operating systems should also release the patches soon.
I can only suggest, keep checking for an update for every software installed in your PC like Web Browser, Apps etc.
Subscribe My YouTube Channel - http://bit.ly/2x7HSsw
Like Our Facebook Page - www.fb.com/RubanTheGeek
Follow Us on Twitter - www.twitter.com/ruban_thegeek
Like Our Facebook Page - www.fb.com/RubanTheGeek
Follow Us on Twitter - www.twitter.com/ruban_thegeek
*News details are collected from various sources from the Internet.
Comments
Post a Comment