Skip to content

OPLIN 4Cast #576: Meltdown and Spectre Security Attacks

Posted in 4cast, and Security

The news went public last week of the discovery of two major vulnerabilities with widespread impact, affecting personal computers, mobile devices, and cloud services. “Meltdown” allows user applications (like browsers) to access kernel memory, normally reserved for the operating system. The “Spectre” vulnerability exploits techniques normally used to speed up processing, and tricks other applications into revealing information in their memory structures. The major web browser providers are issuing patches as a first line of defense. Initial concerns were that operating system fixes could slow processing by up to 30%. Of most concern are cloud services; while there is no indication that the exploits currently available could work against these platforms, companies are taking the threat seriously and doing everything they can to contain it.

From the Ohio Web Library: