11/9/2023 0 Comments Meltdown and spectreAdmins in large and complex environments will need to plan deployments. Properly addressing Spectre and Meltdown will require more administrative effort than most other problems. What are the Risks of Running without Patches? That hit is potentially worse than Spectre’s - an estimated 5 percent to as much as 30 percent. The fix for this problem also includes a performance hit. Whether you read more or not, you should assume that any running process can read the memory of any other running process. For a less technical description, Luke posted a great analogy on our MSP blog. You can read the linked Wikipedia article for more information. As with Spectre, Meltdown exploits target the CPU’s optimization capabilities. AMD processors appear to be immune (AMD claims immunity I do not know of any verified tests with contrary results). It affects Intel and some ARM processors. Meltdown belongs to the Spectre vulnerability family. Fixes will affect CPU performance out of necessity. Spectre affects almost every computing device in existence. ![]() All of the ones that I’m aware of involve fooling the CPU into retrieving data from a memory location other than the code’s intended target. Because the Spectre vulnerability encompasses multiple attack vectors, the predictor has more than one vulnerability. The Wikipedia article that I linked contains further links to more details for those interested. ![]() A CPU looks at an instruction series that contains a decision point (if condition x then continue along path a, else jump to b) and guesses in advance whether it will follow the “else” code branch or continue along without deviation. ![]() Spectre is a category of assault that exploits a CPU’s “branch prediction” optimizations. Your operating system or hypervisor choice does not affect your vulnerability. What are Spectre and Meltdown?īoth Spectre and Meltdown are hardware attacks. Below I’ll run down what you need to know to ensure you’re protected plus a benchmark analysis of the performance impact of the recently released update patches. If you’re skimming, then please pay attention to the section on ensuring that you get the update - not everyone will automatically receive the patches. As administrators, we need to concern ourselves with three things: the risks of running unpatched systems, the performance hit from patching, and quality control problems with the patches. Hardware manufacturers and operating system authors have been issuing microcode updates and patches in a hurry. The Spectre and Meltdown vulnerabilities have brought a fair amount of panic and havoc to the IT industry, and for good reason.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |