How to check if your Windows or Linux system is vulnerable to Microarchitectural Data Sampling (MDS) attacks

Intel yesterday disclosed a new group of Microarchitectural Data Sampling (MDS) hardware vulnerabilities that affect its CPUs. Rogue In-Flight Data Load (RIDL), Fallout, and ZombieLoad speculative execution attacks are related to Spectre and Meltdown which were discovered last year, and allow attackers to leak in-flight data from CPU-internal buffers (Line Fill Buffers, Load Ports, Store Buffers), including data never stored in CPU caches. SEE ALSO: Microsoft issues new patch for Windows XP to fight a dangerous ‘wormable’ vulnerability You can find out more about the various vulnerabilities at CPU.fail. The problem affects all modern Intel CPUs across servers, desktops and… [Continue Reading]


Original URL: https://betanews.com/2019/05/15/check-if-vulnerable-to-microarchitectural-data-sampling-mds-attacks/

Original article

Spectre and Meltdown variant 4: Microsoft, Google and Intel reveal new Speculative Store Bypass chip vulnerability

Just when you thought you could forget about the Spectre and Meltdown chip vulnerabilities, yet another variant has been discovered. Known as Speculative Store Bypass, the vulnerability affects chips from AMD and Intel, as well as Power 8, Power 9 and System z processors. The vulnerability has been assigned CVE-2018-3639, and successful exploitation would mean that an attacker could gain access to data. The attack can be carried out through a “language-based runtime environment” such as JavaScript. Some patches exist while others are in development, and they include the same performance hit associated with patches for the previous vulnerabilities. See… [Continue Reading]


Original URL: https://betanews.com/2018/05/22/speculative-store-bypass-variant-4-vulnerability/

Original article

Intel releases updated Spectre and Meltdown patches for Skylake systems

It may have been a while since there was major news about the Spectre and Meltdown bugs, but the problems have not gone away. After previously releasing unstable patches, Intel has now launched a microcode update for Skylake systems. Despite the problems with both stability and performance with Spectre and Meltdown patches, Intel uses an announcement about the latest updates to stress the importance of installing patches in a timely fashion. There’s more than a hint of irony in the fact that Intel had to tell users to stop using an earlier update because of the problems it was causing.… [Continue Reading]


Original URL: https://betanews.com/2018/02/08/intel-spectre-meltdown-patch-skylake/

Original article

Linus Torvalds declares Intel fix for Meltdown/Spectre ‘complete and utter garbage’

 The always outspoken Linus Torvalds, best known for his continuing work on the innermost code of Linux systems, has harsh words to say and accusations to level against Intel. His evaluation of Intel’s latest proposed fix for the Meltdown/Spectre issue: “the patches are COMPLETE AND UTTER GARBAGE.” Read More


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/xRU1d0C7Yhk/

Original article

Google answers your questions about Meltdown and Spectre vulnerabilities

The revelations about the Spectre and Meltdown vulnerabilities affecting millions of processors around the world has raised a huge number of questions for many people. While businesses and large organizations are rushing to ensure that their systems — and their data — are protected, the average computer user has been left wondering what on Earth is going on. While there are a lot of very technical write-ups about the implications of the Spectre and Meltdown bugs, as well as explanations of just how the exploit works, the average Joe has been left somewhat in the dark. To try to remedy… [Continue Reading]


Original URL: https://betanews.com/2018/01/06/google-answers-spectre-meltdown-questions/

Original article

Apple says Meltdown and Spectre flaws affect ‘all Mac systems and iOS devices,’ but not for long

 Apple isn’t immune to Meltdown and Spectre, the major bugs in basic computing architecture that were announced yesterday to widespread amazement and horror. In an announcement, the company said that “all Mac systems and iOS devices are affected,” which sounds right, but that mitigations are either already in place or on the way. Read More


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/mSWJqYj-0Tg/

Original article

Kernel panic! What are Meltdown and Spectre, the bugs affecting nearly every computer and device?

 If you’re confused by the avalanche of early reports, denials, and conflicting statements about the massive security issues announced today, don’t worry — you’re far from the only one. Here’s what you need to know about Meltdown and Spectre, the two huge bugs that affect practically every computer and device out there. Read More


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/D87om8YHWw8/

Original article

Meltdown and Spectre vulnerabilities bring the computing apocalypse, and yes, you are screwed

Earlier today, we reported on some shocking news — there is a serious vulnerability that affects Intel processors. To make matters worse, patching that vulnerability — now known as “Meltdown” — would cause an up-to 30 percent performance degradation. Yikes! If you have an AMD processor, you are safe, right? Yes, but not really. You see, yet another vulnerability has been revealed that impacts pretty much all modern processors, such as those from Intel, AMD, and yeah, even ARM chips. This vulnerability is called “Spectre,” and it has the potential to put the entire technology industry into a tailspin. Seriously,… [Continue Reading]


Original URL: https://betanews.com/2018/01/03/meltdown-spectre-apocalypse/

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: