You might want to take note of this.
Two serious security flaws have been discovered by Google’s Project Zero team, which could enable hackers to access and steal sensitive information in most modern computer processors, including those designed by Intel, AMD, ARM.
These flaws, known as Meltdown and Spectre are capable of affecting almost every modern computer, including any PCs, tablets and smartphones, with users’ passwords, encryption keys and banking information being left vulnerable.
The flaws were caused by “speculative execution”, which most modern processors use to speed up the performance of a device. According to Jann Horn, a Project Zero researcher this convenient tool could be taken advantage of by hackers who could read system memory that should have been otherwise inaccessible.
Meltdown has been described as “probably one of the worst CPU bugs ever found” and is believed to primarily affect Intel processors manufactured since 1995, with the exception being the Itanium server chips and Atom processors prior to 2013.
Spectre could affect most modern processors and could help any hackers to extract, from otherwise error-free applications, any sensitive information.
Writing on Google’s Security blog, Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Program Manager said, “As soon as we learned of this new class of attack, our security and product development teams mobilized to defend Google’s systems and our users’ data.”
They said that Google had also updated systems and affected products to protect them from any new attack, while also collaborating with a range of hardware and software manufacturers in order to protect users and the broader web.
Users and customers are being urged to see if they might require additional steps to ensure that they are using a protected version of any Google products, such as Android, Nexus and Pixel devices without the latest security updates, Google Chrome and Google Cloud.
So far, all G Suite applications have been updated to prevent all known attacks, so no current actions are required by customers and users.
A detailed breakdown of devices in need of further protection has been shared by Google here.
Intel have also insisted that “these exploits do not have the potential to corrupt, modify or delete data”, calling recent reports “incorrect” for claiming that such flaws are unique to Intel products.
Urging customers and users to “apply any available updates as soon as they are available”, Intel further advised that “Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied”, before going on to insist that it believes its own products “are the most secure in the world”.
LISTEN: You Must Be Jokin’ with Conor Sketches | Tiger Woods loves Ger Loughnane and cosplaying as Charles LeClerc
