|
Briefing
|
- Security Flaws in Processors – Security researchers from Google’s Project Zero, academic institutions and industry discovered security flaws in Intel, AMD, and ARM processors that could let hackers steal passwords and banking information
- Meltdown – Affects most Intel processors manufactured since 1995, enabling hackers to access information in memory used by programs and operating system
- Spectre – Named after “speculative execution,” affects most modern processors from Intel, AMD, and ARM by tricking applications to give information
- Timeline of Events – Google informed impacted companies about Spectre on June 1, 2017 and Meltdown before July 28, 2017, making flaws known to general public on January 3, 2018
- Existing Attacks Unknown – Remains unknown whether hackers already exploited identified flaws, with such attacks hard to trace
- Corresponding Actions – Intel, ARM, Apple, Microsoft, and Google released patches to fix bugs and required users to update their operating system
|
|
Accelerator
|
|
|
Sector
|
Information Technology
|
|
Organization
|
Cyberus Technology GmbH, Data61, Google Inc., Graz University of Technology, Rambus, University of Adelaide, University of Maryland, University of Pennsylvania
|
|
Source
|
-
Gibbs, S., "Meltdown and Spectre: ‘worst ever’ CPU bugs affect virtually all computers",
-
Davies, C., "Google reveals CPU security flaw Meltdown and Spectre details",
-
Weinberger, M., "A government-backed group of experts quietly walked back the suggestion you should replace your processors to fix a big security flaw",
-
"Meltdown and Spectre,"
-
AcceleratingBiz analysis
|
|
Original Publication Date
|
January 4, 2018
|
