Home Applications Citrix: Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next

Citrix: Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next

0
Citrix: Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next
0

Over the last couple of weeks, everyone in the IT industry has been keeping a close eye on a new class of security attacks that are taking advantage of a design flaw in modern computer processors. This is an industry-wide issue, not a problem specific to any operating system, hypervisor, or application. There are three separate vulnerabilities that were discovered and reported by multiple security teams, named Spectre (variant 1 & 2) and Meltdown (variant 3).

VulnerabilityCVEExploit NamePublic Vulnerability Name
Spectre2017-5753Variant 1Bounds Check Bypass
Spectre2017-5715Variant 2Branch Target Injection
Meltdown2017-5754Variant 3Rogue Data Cache Load

Since public disclosure, there have been misunderstandings and inaccurate reporting on these vulnerabilities. One of the reasons for this is that there are three separate vulnerabilities and reports are often not differentiating between them. Another reason is that these vulnerabilities impact lower layers of the stack, which are less familiar to administrators responsible for software running at the higher layers.

Much has already been written about Meltdown and Spectre. All three variations could allow unprivileged code to read privileged memory locations, however it is important to differentiate between them, as there are different mitigations for each of them. Below is a simple summary table based on our understanding to date:

MeltdownSpectre
Ease of exploitationEasyHard(er)
Ease of mitigationEasyHard
Performance impactLowerHigher
Processors impactedIntel, some ARMIntel, AMD, ARM
Requires firmware update?NoYes (variant 2)

So, what is so special about these vulnerabilities? A few different aspects are unique.

Read the entire article here, Meltdown and Spectre: Understanding the Performance Impact, Current State & What’s Next

Via the fine folks at Citrix Systems, Inc.

Categories:
Citrix Systems Citrix (NASDAQ:CTXS) aims to power a world where people, organizations and things are securely connected and accessible to make the extraordinary possible. Its technology makes the world’s apps and data secure and easy to access, empowering people to work anywhere and at any time. Citrix provides a complete and integrated portfolio of Workspace-as-a-Service, application delivery, virtualization, mobility, network delivery and file sharing solutions that enables IT to ensure critical systems are securely available to users via the cloud or on-premise and across any device or platform. With annual revenue in 2015 of $3.28 billion, Citrix solutions are in use by more than 400,000 organizations and over 100 million users globally. Learn more at www.citrix.com.

Share your view, leave a comment below:

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    IGEL Community Releases Free “How-To Install and Configure the IGEL Software Platform” Made Easy Book

    “Life is really simple, but we insist on making it complicated.” -Confucius I’m thrilled and proud to introduce you to the first version of the ‘IGEL Software Platform: Step-by-Step Getting Started Guide.‘  A free book, written by the IGEL Community, on how to install and configure the IGEL software stack, all screen-shot by screen-shot. Simply […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        Latest Videos

          VMware says Blame the Technology, Not the Technician – Video

          For installation, maintenance, repair, and other field calls, the frustration that comes with janky technology is all too familiar. Between ordering new parts and getting into your accounts, you can spend more time fiddling with technology than you get for your lunch break. But VMware’s digital workspace solutions make it simple to work on the […]

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Register Today for Disrupt End User Computing Forum 2018

          Visit Our Sponsors

          Close