What are Meltdown and Specter vulnerabilities?


Specter and Meltdown are the names given to a trio of variants about a security vulnerability that affects nearly all computer chips manufactured in the past 20 years, these Meltdown and Specter vulnerabilities are very basic and so common that security researchers call them a disaster.


Specter and Meltdown are two new methods that hackers use to attack Intel, AMD and even ARM processors. This vulnerability is derived from features integrated into the chip that help them run faster. Although software patches have been released promptly, they affect system performance.

What are Specter and Meltdown?

Specter and Meltdown are different variants of the same underlying flaw that affects nearly every computer chip manufactured in the last 20 years, and if exploited will allow an attacker to access the data first. This is considered to be completely confidential. Security researchers discovered these vulnerabilities in late 2017 and announced them in early 2018. Technically, there are three variants of this vulnerability, each with its own CVE number. ; two of those variants are grouped together called Specter and the other one is called Meltdown.

All variants include a malicious program that gains unauthorized data access by exploiting two important techniques used to speed up computer chips called speculative execution and caching.

lo hong meltdown and specter is 2

What is the difference between Specter and Meltdown?

Both Specter and Meltdown allow hackers to illegally access data using the above two techniques, but the extent to which these two vulnerabilities differ:

Meltdown was given this name because it melted the security line often by hardware. By exploiting Meltdown, an attacker uses a program running on a computer to gain access to data on all devices that are normally not viewable, including data of other programs and data. whether only the administrator has access. Meltdown does not require a lot of knowledge about the operation of the hacked program and only affects certain types of Intel chips.

By exploiting the Specter vulnerability, an attacker makes a program that exposes its own data supposed to be kept secret. Specter requires deeper knowledge of the inner workings of the hacked program and does not allow access to data of other programs but works on any type of computer chip.

lo hong meltdown and specter is 3

Patches against Specter and Meltdown

The underlying flaw exists at the hardware level and cannot be patched. However, most vendors are releasing software patches to fix this problem. The KAISER patch, developed in 2017 to enhance the security of the Linux operating system, is really effective in preventing attacks by Meltdown. Large cloud platform vendors such as Microsoft, Apple and Google have also taken measures to protect their servers.

Because JavaScript in the browser is a particularly dangerous provider for Specter attacks, it is important that you update your browser regularly.

It is worth noting that the old computer systems such as Windows XP almost never have patches, the remaining object is millions of cheap Android devices also do not receive an update from Google.

If you want your computer infected with Specter and Meltdown or not, you follow the article Check for vulnerabilities Specter and Meltdown here.

https://thuthuat.taimienphi.vn/lo-hong-meltdown-va-spectre-la-gi-39202n.aspx
In addition to the Meltdown and Specter vulnerabilities, the Zero-Day vulnerability is also one of the vulnerabilities that users will likely be exploited by network attackers, so you need to understand it through the article. Zero-Day flaw what? What effect on the computer?

.

Add a Comment

Your email address will not be published. Required fields are marked *