Home Applications Citrix: Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next

Citrix: Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next

Citrix: Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next

Over the last couple of weeks, everyone in the IT industry has been keeping a close eye on a new class of security attacks that are taking advantage of a design flaw in modern computer processors. This is an industry-wide issue, not a problem specific to any operating system, hypervisor, or application. There are three separate vulnerabilities that were discovered and reported by multiple security teams, named Spectre (variant 1 & 2) and Meltdown (variant 3).

VulnerabilityCVEExploit NamePublic Vulnerability Name
Spectre2017-5753Variant 1Bounds Check Bypass
Spectre2017-5715Variant 2Branch Target Injection
Meltdown2017-5754Variant 3Rogue Data Cache Load

Since public disclosure, there have been misunderstandings and inaccurate reporting on these vulnerabilities. One of the reasons for this is that there are three separate vulnerabilities and reports are often not differentiating between them. Another reason is that these vulnerabilities impact lower layers of the stack, which are less familiar to administrators responsible for software running at the higher layers.

Much has already been written about Meltdown and Spectre. All three variations could allow unprivileged code to read privileged memory locations, however it is important to differentiate between them, as there are different mitigations for each of them. Below is a simple summary table based on our understanding to date:

Ease of exploitationEasyHard(er)
Ease of mitigationEasyHard
Performance impactLowerHigher
Processors impactedIntel, some ARMIntel, AMD, ARM
Requires firmware update?NoYes (variant 2)

So, what is so special about these vulnerabilities? A few different aspects are unique.

Read the entire article here, Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next

Via the fine folks at Citrix Systems, Inc.

Citrix Systems Citrix (NASDAQ:CTXS) aims to power a world where people, organizations and things are securely connected and accessible to make the extraordinary possible. Its technology makes the world’s apps and data secure and easy to access, empowering people to work anywhere and at any time. Citrix provides a complete and integrated portfolio of Workspace-as-a-Service, application delivery, virtualization, mobility, network delivery and file sharing solutions that enables IT to ensure critical systems are securely available to users via the cloud or on-premise and across any device or platform. With annual revenue in 2015 of $3.28 billion, Citrix solutions are in use by more than 400,000 organizations and over 100 million users globally. Learn more at www.citrix.com.

Featured Resources:

Related Articles:


White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]


      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors