Meltdown and Spectre Exploits are Available!

Windows Articles

How to install Redis on CentOS 8?

Hello, friends in this post, we will show you how to install Redis on CentOS 8 As we well...

How to enable and disable startup applications in Windows 10

Hello! Windows 10 is an attractive and very easy to use system. However, some criticism has come for being too "heavy". That...

How to install Oracle Java 15 on Ubuntu 20.04 / 18.04?

Hello, friends. We know that Java is one of the most popular programming languages and now it's version 15. So in this...

How to run the Linux Tail command in Windows 10.

Hi! The title of this post may seem incongruous, but it's not. In fact, for some time Microsoft has approached positions with...

How to compress large videos in Windows 10

Hello, how are you? Multimedia resources are definitely used in any system. Indeed, we live in the age of technology. That's why...
Mel Khamlichi
Mel Khamlichihttp://www.osradar.com
Founder of Osradar, from Amsterdam Netherlands

We all have heard about the Meltdown and Spectre – two serious bugs found in the systems of all the chips that would allow hackers to access unwanted information without any warning. Hackers already are trying to use these exploits. In theory, these bugs are hard to exploit. But presently, security researchers succeeded in creating working exploits that use Meltdown and Spectre and able to steal info.

Security experts from Princeton University and NVIDIA have currently authored a new research paper that explains the “MeltdownPrime” and “SpectrePrime”. These exploits use the side-channel timing attacks to leverage the modern processor flaws. The attacks are able to extract data from the processor’s cache memory that might contain confidential info like passwords.

According to the report of the Register, the proof-of-concept exploit “SpectrePrime” has been successfully used on a MacBook with Intel Core i7 processor. However, the MeltdownPrime hasn’t been successful to demonstrate the capability of an actual hardware. Note that Meltdown massively infects Intel chips.

The Risk

Fortunately, we don’t have to panic just yet. For security reason, the codes used for creating the exploits haven’t been released, ensuring no imminent risk for the time being. However, the security experts developed exploits in the lab, meaning that the real criminals are already on the brink of creating such exploits. The current system patches are able to protect from Meltdown and Spectre like MeltdownPrime, SpectrePrime, and other potential exploits. We’re now waiting for Intel to release an official patch for these bugs.

According to security researchers, processor manufacturers might be facing extreme difficulty in making hardware changes to ensure immunity from these bugs. The flaws are so deeply integrated with the current silicon processors that covering the Meltdown and Spectre along with all the possible flaws might be extremely difficult.

Flawless Processors

The easiest and the most effective solution now is to change the hardware that can be costly for most. Intel announced that they’ll release Meltdown and Spectre free processors will arrive later this year. AMD also announced that their Meltdown and Spectre free processor (Zen 2 architecture) will arrive market in 2019. Until then, we have to stick with the software patches that has become a real mess all around the world. It’s also a matter to consider whether those will be really free from these bugs.

Intel’s Bug Bounty

In the meantime, Intel has increased the price of ‘bug bounty’ to get more help from the community on different flaws. The scheme is currently offering $250,000 for side-channel bugs/flaws like Meltdown and Spectre. The bounty for other channels has become around $100,000.

This program is available for everyone. That means that now, any security researcher may contribute to processors whereas previously, Intel only allowed invited researchers. This ensures that more people are hunting down the bug(s) and hopefully, find them out faster before the world knows them.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to install Redis on CentOS 8?

Hello, friends in this post, we will show you how to install Redis on CentOS 8 As we well...

How to enable and disable startup applications in Windows 10

Hello! Windows 10 is an attractive and very easy to use system. However, some criticism has come for being too "heavy". That...

How to install Oracle Java 15 on Ubuntu 20.04 / 18.04?

Hello, friends. We know that Java is one of the most popular programming languages and now it's version 15. So in this...

How to run the Linux Tail command in Windows 10.

Hi! The title of this post may seem incongruous, but it's not. In fact, for some time Microsoft has approached positions with...

How to compress large videos in Windows 10

Hello, how are you? Multimedia resources are definitely used in any system. Indeed, we live in the age of technology. That's why...
x