Meltdown microprocessors: [Essay Example], 613 words GradesFixer
exit-popup-close

Haven't found the right essay?

Get an expert to write your essay!

exit-popup-print

Professional writers and researchers

exit-popup-quotes

Sources and citation are provided

exit-popup-clock

3 hour delivery

exit-popup-persone
close
This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

Meltdown Microprocessors

Download Print

Pssst… we can write an original essay just for you.

Any subject. Any type of essay.

We’ll even meet a 3-hour deadline.

Get your price

121 writers online

blank-ico
Download PDF

Specter and MELTDOWN Researchers have recently discovered a design flaw that results in a security vulnerability in the CPU chip that powers the majority of all the world’s computers, including PCs, mobile devices, and servers. This CPU bug allows malicious programs to view data that is being processed in the computer memory. Meltdown is a vulnerability affecting Intel x86 microprocessors and some ARM-based microprocessors. Unlike the related Meltdown vulnerability disclosed at the same time, Spectre does not rely on a specific feature of a single processor’s memory management and protection system but is a more generalized vulnerability. The first reports were published on January 2, 2018, prior to a coordinated disclosure scheduled for the week of January 8. There is no evidence of exploitation at this time, but the publicly disclosed proof-of-concept (PoC) exploit code could result in the vulnerabilities being weaponized for malware delivery.

Further Details

Specter and MELTDOWN are what is known as `speculative execution side-channel attacks.` These attacks exploit performance optimizations used by modern CPUs to access protected memory. Basically, the main chip in most modern computers—the CPU—has a hardware bug. This design flaw has been present since the 1990’s. Normally, applications and the operating system are isolated from each other, so data is not accessible. This hardware flaw breaks that isolation. This means there is a primary risk of malicious actors being able to get access to the encryption keys or your passwords stored in a password manager or browser, your emails, instant messages, donor information, and the like. Cloud servers could be significantly impacted if an attacker exploits these vulnerabilities to break out of a guest virtual host or container. It may also be possible to deliver exploit code via drive-by download to extract information from a victim’s web browser. At this time, limited practical demonstrations of these attack vectors exist. These vulnerabilities have been assigned the following CVEs: – CVE-2017-5753: Bounds check bypass (SPECTRE) – CVE-2017-5715: Branch target injection (SPECTRE) – CVE-2017-5754: Rogue data cache load (MELTDOWN) Intel, AMD, ARM, Microsoft, Google, Apple, Amazon, and other technology vendors are releasing software updates to mitigate the risk from these vulnerabilities. Long-term solutions require re-engineering the vulnerable processor architectures.

A third-party analysis of vendor security updates notes potential performance impact under some circumstances and workloads, as well as conflicts between the OS patches and some software that has significant interactions with the kernel (e.g., antivirus and endpoint security solutions). What should you do about this? Updates and patches are needed for all computers, servers, and other equipment with a CPU. There will most likely be patches for your antivirus software, your operating system software, workstation software, and firmware patches to physical machines themselves. The full patch analysis and patch cycle may take some time because some of the vulnerable component patches are not yet available. Microsoft Azure and Amazon AWS are already in the process or have already patched customer systems hosted on those respective platforms. CTU researchers strongly advise a phased approach to updating vulnerable systems. Once the patches are available, organizations should follow standard best practices for testing updates on systems that match the production environment and should test a subset of updated systems with a representative workload before widely deploying updates in production environments. Databases or systems with high levels of I/O activity may be most significantly impacted.

Organizations should also contact cloud service providers to confirm that platforms that store or process corporate data are updated, especially for shared hosting or infrastructure-as-a-service providers” In the meantime, we recommend that organizations be extra vigilant, and communicate awareness of these vulnerabilities across your organization so that security stays at the top of mind.”

Remember: This is just a sample from a fellow student.

Your time is important. Let us write you an essay from scratch

100% plagiarism free

Sources and citations are provided

Find Free Essays

We provide you with original essay samples, perfect formatting and styling

Cite this Essay

To export a reference to this article please select a referencing style below:

Meltdown microprocessors. (2018, October 26). GradesFixer. Retrieved October 27, 2020, from https://gradesfixer.com/free-essay-examples/meltdown-microprocessors/
“Meltdown microprocessors.” GradesFixer, 26 Oct. 2018, gradesfixer.com/free-essay-examples/meltdown-microprocessors/
Meltdown microprocessors. [online]. Available at: <https://gradesfixer.com/free-essay-examples/meltdown-microprocessors/> [Accessed 27 Oct. 2020].
Meltdown microprocessors [Internet]. GradesFixer. 2018 Oct 26 [cited 2020 Oct 27]. Available from: https://gradesfixer.com/free-essay-examples/meltdown-microprocessors/
copy to clipboard
close

Sorry, copying is not allowed on our website. If you’d like this or any other sample, we’ll happily email it to you.

    By clicking “Send”, you agree to our Terms of service and Privacy statement. We will occasionally send you account related emails.

    close

    Attention! this essay is not unique. You can get 100% plagiarism FREE essay in 30sec

    Recieve 100% plagiarism-Free paper just for 4.99$ on email
    get unique paper
    *Public papers are open and may contain not unique content
    download public sample
    close

    Sorry, we cannot unicalize this essay. You can order Unique paper and our professionals Rewrite it for you

    close

    Thanks!

    Your essay sample has been sent.

    Want us to write one just for you? We can custom edit this essay into an original, 100% plagiarism free essay.

    thanks-icon Order now
    boy

    Hi there!

    Are you interested in getting a customized paper?

    Check it out!
    Having trouble finding the perfect essay? We’ve got you covered. Hire a writer

    GradesFixer.com uses cookies. By continuing we’ll assume you board with our cookie policy.