Meltdown and Spectre

[appbox amazonapps ]Meltdown and Spectre

Your personal computer, Mobile phone are not safe. Your data is not safe. There are some vulnerabilities which bypass your device’s security and hamper your data. You never knew but since 1995 it’s been 20 years your devices are under watch by hackers.

Meltdown and Spectre

The two most dangerous vulnerabilities are Meltdown and Spectre. And believe it or not, these two vulnerabilities are on your device since 1995. And lets hackers access data from any location in the physical memory of a system. As per Daniel Gruss,”An attacker might be able to steal any data on the system”.

As per our information, all of the Intel chips are affected by these Vulnerabilities. Also, not all but few AMD chips also vulnerable. AMD, however, said: “Due to differences in AMD’s architecture, we believe there is a near zero risk to AMD processors at this time.” Cortex-A chips from ARM are also affected. These Cortex-A cores are also used in Qualcomm’s popular Snapdragon series.

Meltdown is one of those hacks by using which. An unprivileged application such as Javascript code could potentially read your password from memory. And export them anywhere on the internet. Mozilla said that they found that a javascript based attack is possible to prevent this they are providing a patch for Firefox to mitigate this.

Intel say’s that meltdown attackers cannot modify the RAM of a PC or phone. But Spectre can, however, trick applications into revealing information.

However, Microsoft is the fastest among all others to give a security patch to address the issue.

Microsoft says:

We’re aware of this industry-wide issue and have been working closely with chip manufacturers to develop and test mitigations to protect our customers. We are in the process of deploying mitigations to cloud services. And have also released security updates to protect Windows customers against vulnerabilities. Affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities had been used to attack our customers.

The Windows 10 patch will be automatically applied at 5PM ET / 2PM PT today, while patches for older versions of Windows will roll out on Patch Tuesday. Microsoft has not said if they will be patching Windows XP.

Also, Apple reportedly patched these vulnerabilities for macOS 10.13.2 and patches for Linux systems are also available and new processors are expected to be re-engineered further address the issue.

All these patches work for Meltdown attacks, but there is no fix for Spectre attacks, they might haunt us for years.

You might also like How to Fix Error INET_E_RESOURCE_NOT_FOUND? Broken Microsoft Edge, Cortana and Store