Meltdown and Spectre CPU vulnerabilities: One week later

Microsoft, Google and Apple have all released patches for Intel, AMD and ARM CPU security risks, but now what?

Intel hq

It’s been almost a full week since researchers publicly released findings on two groundbreaking security vulnerabilities present in almost every single device running Intel, AMD, or ARM CPU architecture.

Dubbed ‘Meltdown’ and ‘Spectre,’ the glitches allow unauthorized access to privileged memory, ensuring that hackers can access private information like credit card numbers, passwords and other details that should otherwise remain secure.

Thankfully, the tech industry has moved relatively quickly to address these security risks, with companies like Microsoft, Google and Apple all issuing patches and updates to protect potentially vulnerable users.

In fact, Apple issued its latest updates as recently as yesterday, sending out a Spectre patch for Safari 11.0.2 and a patch for iOS 11.2.2.

Additionally, according to a story from The Verge, Intel’s CEO Brian Krzanich addressed a CES audience on January 8th, 2018 to state that the company will have patches for 90 percent of Intel products “within a week.”

However, these patches and updates have not been without their pitfalls, especially to enterprise-grade systems.

The Register — which incidentally happens to be the first publication to have broken the Meltdown-Spectre story — reported on January 9th, 2018 that Meltdown and Spectre patches have been slowing down servers and file systems anywhere from 10 to 45 percent.

Microsoft also announced on January 9th that it had halted patches to certain AMD machines after users reported that updates have been freezing machines.

“To prevent AMD customers from getting into an unbootable state, Microsoft will temporarily pause sending the following Windows operating system updates to devices with impactes AMD processors at this time,” said Microsoft in a statement sent to users, according to Reuters.

Microsoft blamed AMD for failing to “conform to technical documentation the chipmaker had provided,” according to Reuters.

With the exception of Microsoft and server-side slowdowns, it seems that the industry’s response to the Meltdown and Spectre vulnerabilities is continuing with few notable issues. However, there’s no denying that no company is providing an all-clear message just yet.

For now, it’s advisable to be wary while downloading anything from unknown sources. Users should also update their devices to the latest firmware or software version.

Source: Reuters, The Verge, The Register

Update 09/01/2018: A Microsoft spokesperson has responded to MobileSyrup‘s request for comment.

“Microsoft has been working closely with chip manufacturers to develop and test mitigations to protect our customers. We’re in the process of deploying mitigations to cloud services and released security updates on January 3rd, 2018 to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, ARM, and AMD. We have not received any information to indicate that these vulnerabilities have been used to attack our customers.”

MobileSyrup may earn a commission from purchases made via our links, which helps fund the journalism we provide free on our website. These links do not influence our editorial content. Support us here.

Related Articles