It seems that all too often these days we’re talking about vulnerabilites on the web. This week, we learned of some starlting vulnerabilities affecting many modern CPU microprocessors from all major brands like Intel and AMD.
The vulnerabilities, named Meltdown and Spectre, “are two related, side-channel attacks against modern CPU microprocessors that can result in unprivileged code reading data it should not be able to.”
That’s according to the UK’s National Cyber Security Centre (a division of GCHQ). Put in simpler terms, the attacks can be used to access areas of memory not ordinarily accessible, potentially compromising sensitive data like secret keys and passwords.
This is a big deal for a couple of reasons. The primary is that most modern processors are affected, so if you’ve purchased a computer with Intel or AMD processors (yes, this includes Mac computers), you’re affected. This also affects mobile devices like iPhone!
Secondly, consider the amount of servers in data centers that are running impacted processors. There are many.
While this is considered to be a hardware vulnerability, manufacturers have already begun to issue software patches (Apple, for instance, has already released software updates to address this issue), and cloud service providers are also patching their systems to protect them from attacks.
As a home or business user, the best thing you can do at this point is to download and install updates as frequently as possible. For users running old, unsupports operating systems (like Windows XP), now would be a good time to consider upgrading.
For more information on Meltdown and Spectre, click here.