![]() ![]() Perhaps the broadest term for the vulnerabilities in question would be "speculative execution vulnerabilities." What do all these names mean?Ī vulnerability may be known by many names. The end result of leveraging Meltdown and Spectre could include leaks of sensitive data such as passwords and credit card information, among other things. Speculative execution is a processing feature that enables computing devices to run faster by predicting what will happen next in an app, and preemptively working toward multiple possible outcomes all at once. "Meltdown" and "Spectre" are nicknames for techniques that can enable an attacker to access computer memory that shouldn't be accessible this is accomplished by abusing a technology called "speculative execution." (At least, that was the plan until "python sweetness" and The Register brought the issue out of obscurity and into the public spotlight.) It turns out that Intel and a handful of software development giants, among them Apple, Microsoft, and the Linux kernel developers, have known about the design flaw since at least November 2017 and have been working behind the scenes to prepare for a coordinated public disclosure and remediation of the issue. Macs, along with the vast majority of the world's Windows and Linux PCs, use Intel processors.Īs more information came to light in the subsequent days, it became clear that more than just Intel CPUs are affected there are also implications for other processor architectures, including AMD processors as well as ARM-based processors like those found in Apple's iPhones and iPads. The Register published an article the following day that emphasized the design flaw with regard to Intel processors, and from there snowballed into a worldwide discussion about a serious flaw in Intel CPUs that had major security implications. On Monday, January 1, 2018, a developer blog, called "python sweetness," brought to light an issue in which "there is presently an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve." Never fear, that's why we're here! It's a complex problem, but we'll break it down and share the main tidbits about these vulnerabilities you need to know as a user of Apple products. You've probably heard something about " Meltdown" and " Spectre," perhaps even in the mainstream media, and you likely heard that it has something to do with an Intel security flaw.īut do you know how it affects your Apple devices-your Mac, iPhone, iPad, iPod touch, Apple Watch, or Apple TV-and what actions you may need to take to stay safe? If you are using one of the following OSs, visit their official website for more details.Posted in the Intego Mac Security Blog on January 8th, 2018 by Joshua Long Ubuntu: Add the kernel parameter nospectre_v2=off.CentOS, EulerOS, Fedora, Debian, Red Hat, and OpenSUSE: Add the kernel parameter spectre_v2=off.To prevent the Spectre vulnerability fixing from deteriorating the system performance, or a better protection solution is available, perform the following operations to disable the patch: Disabling the Spectre Vulnerability Patch.Debian and OpenSUSE: Add the kernel parameter pti=off. ![]() CentOS, EulerOS, Ubuntu, Fedora, and Red Hat: Add the kernel parameter nopti.To prevent the enabling of PTI from deteriorating the system performance, or a better protection solution is available, perform the following operations to disable the patch: Disabling the Meltdown Vulnerability Patch. ![]() No obvious impact was detected for the patch in Red Hat performance tests. The CVE-2017-5753 vulnerability is fixed by a kernel patch and cannot be disabled. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |