Concerned about the recent revelations about security exploits in device processors? Here’s a breakdown of what’s happened and how they will affect you.
Two security flaws were recently announced on 3rd January 2017 that affects almost every device – from your desktop PC to your smartphone, tablet, laptop and even smart devices. For detailed information you can read about both exploits at meltdownattack.com – a information site established by the researchers at Graz University who helped discover the two exploits
Both the Meltdown and Spectre exploits expose vulnerabilities in the way a modern multi-threading processor work by executing multiple instructions simultaneously. This is a trait found on all modern processors.
Meltdown is an exploit that primarily affects all Intel processors and certain ARM processors. According to Intel, Meltdown is a potential exploit that can take advantage of a processor’s ‘speculative execution’ technique that is a design feature of Intel processors. Google has stated that this feature is found on all Intel processors dating back to 1995! If used by a malicious virus or application, the Meltdown exploit could allow the virus to read ‘secure’ data such as passwords.
As 80% of the worlds computers use Intel processors almost everyone will be affected. However, there has been no record of any malicious virus using this exploit and software patches have already been released.
Spectre affects Intel, AMD and ARM processors. This means that a host of devices that use ARM-based processors are affected, including Qualcomm’s Snapdragon, Apple’s A-series, Samsung’s EXYNOS and Huawei’s Kirin series. This means that literally every modern device is affected, especially those with web-browsing.
How to protect yourself
Patches for the vulnerabilities have already become available, so to protect yourself you need to ensure the following:
PC Processors: Many PC brands will have already have rolled out security updates to remedy Meltdown, so ensure that your PC or laptop has the latest security update.
OS updates: Microsoft Windows, Apple iOS & macOS and Google Android & Chrome OS have been patched with the latest release (as of 4th Jan 2018) so ensure that your mobile devices, PCs and tablets have all been updated.
Browser updates: Here’s where it gets a bit messy – Microsoft has already released a security patch for Explorer and Edge; Apple will release a Safari update “in coming days” while Google has announced that the Chrome browser will be updated on 23rd Jan 2018. Firefox has received a temporary fix while Opera will be updated by the end of January. You can find more information on browser updates here.
Is there a need to worry?
While there’s currently a huge buzz in the tech and mainstream media regarding the Meltdown and Spectre vulnerabilities, at this point there’s no evidence that these exploits were ever used for malicious purposes, and as most modern devices and PCs have automatic firmware/security update cycles, you’re probably already protected – but just in case make sure you’ve recently updated your OS and apps to the latest versions.
There are concerns that the fixes may affect you is in processor and browser performance. For example, Apple states that they have not detected any slowdown in processor performance while the Safari browser may slightly drop performance by up to 2.5%. According to PCWorld – while some high-end task may see significant slowdowns, other tasks, including websurfing, video streaming and even high-end gaming, won’t have any noticeable drops.