Spectre and Meltdown: What We Now Know

Spectre and Meltdown: What We Now Know

Spectre and Meltdown: What We Now Know

Intel is now looking into reports that some of its customers are experiencing reboots in systems that update to the latest firmware for Meltdown/Spectre mitigation.

Aside from Nvidia, Intel and Microsoft has also released their respective statements on the issue of the Meltdown and Spectre.

Intel's post came on the heels of a Wall Street Journal story claiming that Intel is teling some customers to delay applying the update to avoid system stability problems.

Following on the heels of Intel detailing its new "Security-First Pledge", the company said it needs to review potential issues users have faced with the firmware patch against the Meltdown vulnerability.

The hardware vendor said these systems are both home computers and data center servers.

The company now says that while it thinks that GPZ Variant 2 is hard to exploit on its chips, it'll still work with its partners to release microcode updates and OS patches to mitigate the vulnerability.

Intel notes that performance for "web applications that involve complex JavaScript operations may see a somewhat higher impact (up to 10 percent based on our initial measurements)" while "graphics-intensive [workloads] like gaming or compute-intensive like financial analysis see minimal impact". And thanks to the efforts of hundreds of engineers, no one has apparently noticed because the fixes haven't slowed down or degraded popular services like Google search, Google Drive, and Gmail. There are important roles for everyone: Timely adoption of software and firmware patches by consumers and system manufacturers is critical. AMD have also reiterated that their CPU architectures are not vulnerable to variant three Meltdown attacks, and that their Radeon GPUs do not use speculative execution entirely and are not susceptible to attacks whatsoever.

It said it had no reason to believe the drivers were troubled by the second flaw, dubbed Meltdown.

Despite the rollout issues, the tech industry is still urging customers to patch their systems. But for those computers that really are performing compute-intensive tasks, you will want to make sure all of other critical security measures are in place taken, including operating system patches.

Altre Notizie