Intel chip flaw: Assess Meltdown & Spectre patch performance impacts
The Intel chip flaw in AMD, ARM and Intel processors is the latest security concern throwing Silicon Valley into a frenzy. But what is the flaw and what are Meltdown and Spectre, exactly? Here’s the quick and dirty:
The Intel chip flaw consists of a couple of security vulnerabilities giving way to two methods that can expose sensitive information to non-privileged users: Meltdown and Spectre.
Fortunately, Meltdown and Spectre have reportedly not been used in any attacks to date and this may be attributed to the fact that they need specific malware to be effective.
That said, the Intel chip flaw, initially found by Google, exploits speculative execution, a common technique in most Intel processors that predicts likely actions and executes them for a smoother and faster computing experience. Should the prediction be incorrect, the speculative work is thrown out. Both Meltdown and Spectre exploit this feature by bringing user-level visibility into those admin-level actions exposing sensitive information including credentials, cryptographic keys, emails, etc.
Meltdown is an Intel-only vulnerability that exploits Intel’s privilege escalation and speculative execution while Spectre is a vulnerability in Intel, ARM and AMD processors that uses branch prediction as well as speculative execution (Learn more in this Daniel Miessler blog). One of the biggest differences between the two comes from how the issues are patched: Meltdown’s patches are more straightforward, Spectre’s are more complex.
Read the entire article here, Intel chip flaw: Assess Meltdown & Spectre patch performance impacts
Via the fine folks at Lakeside Software.