Processors are designed to protect the most sensitive memory part of billions of computers. So what happens, if the processor can no longer accomplish this task? Recent research conducted by Google's Project Zero Team indicates that two primary flaws are affecting modern computers running on Intel, AMD, and ARM processors.
The flaws which are now referred to as Meltdown and Spectre work by isolating untrusted computer programs from accessing some processes on the device or the deep layers of the OS where sensitive information is stored. Hackers are only required to run a certain code on the target computer, and they gain access to all the personal data and even the data stored in the memory of other running programs. The two bugs are affecting all computers that were manufactured in the past 20 years.
The effects of these two bugs can be more devastating on cloud computing services such as Amazon Web Services where more than one virtual machine coexists on the same physical server. If hackers gain access to one of the virtual machines, then they can also access the data held by its neighbours.
With almost two-thirds of the affected computers running on Intel processors, the company says that it has already made major progress in rolling out security patches and related firmware updates that will protect their users against the two bugs. Intel says that it is completing the issuance of critical updates to almost all of its processors that were introduced in the past five years and hope to issue updates to at least 90% of its processor products in the next one week. However, different sources complain about drastic performance break-ins after the update. Intel hopes to fix this issue in future patches.
Microsoft, on the other hand, has also started implementing Windows 10 latest security patches and software updates to protect its customers. Apple has already implemented a partial fix for the bug in its MacOS 10.13.2 with more security enhancements expected to be released alongside 10.13.3 version.
Passwörter stellen schon lange eine Herausforderung für die Cybersicherheit am Arbeitsplatz dar....