Article

Categories B2B, B2C, Technology

Meltdown & Spectre: The security flaw that affects us all

Project Zero have uncovered major vulnerabilities in processors going back as far as 1995 - how can you protect yourself from the recently discovered security threat?

This week, Google's in-house security team known as Project Zero announced details of multiple major security flaws affecting processors dating back as far as 1995 from Intel, AMD and ARM CPUs, regardless of the operating system – so there won’t be anyone unaffected here.

These flaws have been named as Meltdown: https://meltdownattack.com/ and Spectre:https://spectreattack.com/

These vulnerabilities could potentially allow an attacker to read arbitrary memory locations on a server,  workstation or any device, thus leaking highly sensitive information such as passwords, private data or customer data. This affects both physical and virtual servers, workstations and devices.

Companies including Microsoft, Amazon, Apple and Google are in the process of issuing patches* which should be available in the next few days, with some beta versions already available for testing. Patches are now available for some Windows and Linux builds. For Linux these are now making their way into downstream distributions.

*Patches are normally small (but sometimes large) updates to the software or data that are meant to improve the solution, often through performance or security improvements, but also could be bug fixes to resolve a problem.

Whilst it may sound crazy, this also affects tablets and mobiles. You’ll see press coverage aimed at Intel and Apple as that will generate clicks for the articles, but it will literally affect everyone.

Performance Impact

As the vulnerability is due to a physical hardware design flaw, patches to fix these vulnerabilities require extensive changes to the operating system kernels. These fixes unfortunately have a significant performance impact.

It has been reported that systems can expect a 5-30% performance drop depending on the nature of the workload. There are some reports of up to 60% in certain test cases. This may impact website performance, causing longer page load times. Monitoring reports will be reviewed to indicate what impact has been identified, and your Digital Planner and Support team will work with you to identify where this can be recovered.

Public Information

The vulnerabilities have the following CVE codes:

Additional information can also be found here:

 

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
Marketing Emails vs Newsletters: What’s the Difference?

Marketing Emails vs Newsletters: What’s the Difference?

If anyone can clarify the difference between marketing emails and newsletters, it’s Alexander Melone, co-founder of San Francisco-based email marketing agency CodeCrew. But, as we’re about to find out, the distinction...

Alex Melone
Alex Melone 14 November 2023
Read more
10 Factors that Influence Customer Buying Behaviour Online

10 Factors that Influence Customer Buying Behaviour Online

Now is an era where customers take the center stags influencing business strategies across industries. No business can afford to overlook factors that could either break the customer experience or even pose a risk of...

Edward Roesch
Edward Roesch 4 June 2018
Read more
How to Review a Website — A Guide for Beginners

How to Review a Website — A Guide for Beginners

Whether you're a startup or an established business, the company website is an essential element of your digital marketing strategy. The most effective sites are continually nurtured and developed in line with...

Digital Doughnut Contributor
Digital Doughnut Contributor 7 January 2020
Read more
Customer-Centric Marketing: The Heartbeat of Modern UK Retail

Customer-Centric Marketing: The Heartbeat of Modern UK Retail

The UK retail scene, with its diverse offerings from luxe brands to quaint local stores, is witnessing a paradigm shift: The rise of customer-centric marketing. This isn’t just about selling; it’s about understanding,...

Andrew Addison
Andrew Addison 21 November 2023
Read more
Best Practices for Effective Dashboard Design

Best Practices for Effective Dashboard Design

In the age of data-driven operations, dashboards have emerged as an essential tool for businesses. They serve as a gateway to data, enabling users to monitor, analyze, and visually represent vital performance...

Ravi Shukla
Ravi Shukla 17 November 2023
Read more