The dust has yet to settle on the recent revelation of critical vulnerabilities in microprocessors that most modern computers worldwide, but it’s already troublingly clear that fixing the problem isn’t simply a matter of applying the latest vendor security updates.
Last week’s disclosure by researchers from Google’s Project Zero team and research teams from academia of the vulnerabilities in most Intel processors and in some AMD and ARM processors have left organizations scrambling to gather and track security updates available for their firmware, operating systems, and browsers. Given that operating system patches can incur significant performance hits – some experts are estimating up to 30% degradation for Linux and Windows platforms – there’s a lot at stake in fixing the flaws.
Patching is the only option to mitigate risk of a Meltdown or Spectre attack, but it’s still not a perfect solution.
Read more about why the discovered design flaw in microprocessor hardware is likely only the tip of the iceberg for hardware vulnerabilities yet to be unearthed on DarkReading.