MANILA, Philippines – A now-disclosed flaw in processor chips affects more than just Intel’s processors, according to the latest word from security researchers.
Revealed on Tuesday, January 2 (January 3, Manila time), the hardware vulnerabilities, known as Meltdown and Spectre, “allow programs to steal data which is currently processed on the computer.”
These vulnerabilities affect processors from AMD, ARM, and Intel, as well as devices and operating systems running on those processors. Most computer and mobile phone users, therefore, are automatically affected by the issue.
Though programs aren’t normally allowed to read data from other programs, researchers explained that “a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.”
Google added in its explanation, “There is no single fix for all three attack variants; each requires protection independently. Many (processor) vendors have patches available for one or more of these attacks.”
A laymanized explanation of the processor vulnerabilities is available on MeltdownAttack.com and on this Google blogpost. Additional technical information is available on Google’s Project Zero post by researcher Jann Horn. – Rappler.com