Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: info@c2techs.net

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Onsite Support
    • Encryption
    • Backups
  • ABOUT
    • Privacy Policy
FREECONSULT

New security flaw in Intel CPUs revealed

  • 0
Christopher Woo
Tuesday, 14 May 2019 / Published in Woo on Tech

New week, new punching bag: this time, Intel returns to the spotlight with yet another flaw in its CPUs, up to and including the most recent 9th generation processors as well as going back as far as ones produced in 2008. This week has been absolutely bananas for technology issues so I’m going to keep the literary gymnastics to a minimum. Truth be told, I’m still trying to wrap my head around the technical details of this latest exploit, but here’s a simplified explanation of what I understand so far.

What this means for you: apply updates and stay patched!

Two independent groups of researchers as well as Intel themselves have been quietly working on identifying a new, serious exploit in how Intel CPUs operate. Unlike typical security flaws that can be patched with software, vulnerabilities like this one, dubbed RIDL, Fallout, or MDS (depending on who you talk to) are a result of how the CPU was designed to operate. This new flaw, along side the two previously announced Spectre (2017) and Fallout (2018) vulnerabilities, fall into a class of exploits that are based on a core design of Intel architecture originally built to help computers run faster. Put as simply, predictive processing guesses what the CPU is going to be asked to do next and have the necessary code or data already loaded into nearby caches. Previous exploits looked at the predictions, and the latest basically looks at the guesses that turned out to be wrong or unused. Each discarded guess only contains a few bytes of data, but given a focused attack repeated thousands or millions of times, the leaked data can eventually be amassed into a significant security breach.

Interestingly enough, Intel has known about this particular flaw for an undisclosed amount of time, and has already been working with major industry players like Microsoft, Google, Apple and the usual Windows PC manufacturers to patch or mitigate the vulnerability, which may or may not already be applied to your equipment. At this point, unless you really like reading technical bulletins like this one, I’d recommend paying close attention to update notifications from your computer’s manufacturer as well as applying security patches to your various devices, regardless of their business or personal focus. As with the previous two vulnerabilities, Intel and manufacturers are being cagey about pointing out exactly which updates might be addressing this particular issue, or even if they’ve already been fixed (as many manufacturers will assert), and Intel itself is downplaying the severity of the flaw, despite differing opinions from the independent research groups. Intel discounts the severity based upon the relative sophistication required to exploit the flaw, but researchers rightly point out that though the flaw may be hard to exploit, the data it exposes is highly sensitive and previously thought completely secure.

falloutflawIntelmeltdownRIDLsecurityspectre

Recent Posts

  • Confidential data from 533M Facebook accounts resurfaces on internet

    Despite the fact that a database containing per...
  • AT&T doesn’t believe you need faster internet

    Last week I wrote an article about another mega...
  • Apple-logo.png

    Apple choses profit over ideology

    If there is one thing that has been consistent ...
  • Misleading Signs

    Handful of accounts responsible for vaccine distrust on Facebook

    I would hazard a guess that a large percentage ...
  • ID-100144458.jpg

    60K Exchange Email Servers Compromised by Exploit

    As if the SolarWinds fiasco wasn’t enough...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP