Page 86 of 86 FirstFirst ... 36 76 84 85 86
Results 851 to 852 of 852

Thread: Cutting Edge Technology in the news

  1. #851
    Lead Moderator calikid's Avatar
    Join Date
    Nov 2011
    Location
    Sunny California
    Posts
    7,843
    Blog Entries
    19
    Whoa, appears this vulnerability has the major players scrambling to repair the bug.


    How to protect your PC against the major ‘Meltdown’ CPU security flaw
    Only Intel machines are affected by Meltdown
    By Tom Warren

    Details have emerged on two major processor security flaws this week, and the industry is scrambling to issue fixes and secure machines for customers. Dubbed “Meltdown” and “Spectre,” the flaws affect nearly every device made in the past 20 years. The Meltdown flaw only affects Intel processors, and researchers have already released proof of concept code that could lead to attacks using Meltdown.

    The vulnerabilities allow an attacker to compromise the privileged memory of a processor by exploiting the way processes run in parallel. They also allow an attacker to use JavaScript code running in a browser to access memory in the attacker’s process. That memory content could contain key strokes, passwords, and other valuable information. Researchers are already showing how easy this attack works on Linux machines, but Microsoft says it has “not received any information to indicate that these vulnerabilities have been used to attack customers at this time.”

    Protecting a Windows PC is complicated right now, and there’s still a lot of unknowns. Microsoft, Google, and Mozilla are all issuing patches for their browsers as a first line of defence. Firefox 57 (the latest) includes a fix, as do the latest versions of Internet Explorer and Edge for Windows 10. Google says it will roll out a fix with Chrome 64 which is due to be released on January 23rd. Apple has not commented on how it plans to fix its Safari browser or even macOS. Chrome, Edge, and Firefox users on Windows won’t really need to do much apart from accept the automatic updates to ensure they’re protected at the basic browser level.

    For Windows itself, this is where things get messy. Microsoft has issued an emergency security patch through Windows Update, but if you’re running third-party anti-virus software then it’s possible you won’t see that patch yet. Security researchers are attempting to compile a list of anti-virus software that’s supported, but it’s a bit of mess to say the least.

    A firmware update from Intel is also required for additional hardware protection, and those will be distributed separately by OEMs. It’s up to OEMs to release the relevant Intel firmware updates, and support information for those can be found at each OEM support website. If you built your own PC you’ll need to check with your OEM part suppliers for potential fixes.
    Story Continues




    Add note: The article references current steps you can take:

    Update to the latest version of Chrome (on January 23rd) or Firefox 57 if you use either browser
    Check Windows Update and ensure KB4056892 is installed for Windows 10*
    Check your PC OEM website for support information and firmware updates and apply any immediately

    *The update was NOT installed on my system, I had to search Microsoft, download and install. WIN10 only, a few different flavors be sure you get the right one.
    The aim of an argument or discussion should not be victory, but
    progress. -- Joseph Joubert
    Attachment 1008

  2. #852
    Lead Moderator calikid's Avatar
    Join Date
    Nov 2011
    Location
    Sunny California
    Posts
    7,843
    Blog Entries
    19
    So we wait 5 years for the lawsuit to settle, and then we each get $10.
    Intel facing class-action lawsuits over Meltdown and Spectre bugs

    Plaintiffs claim compensation for security flaws and alleged slowdown that fixing computers will cause, while corporations count cost of corrections
    Dado Ruvic/Reuters

    Samuel Gibbs

    Intel has been hit with at least three class-action lawsuits over the major processor vulnerabilities revealed this week.

    The flaws, called Meltdown and Spectre, exist within virtually all modern processors and could allow hackers to steal sensitive data although no data breaches have been reported yet. While Spectre affects processors made by a variety of firms, Meltdown appears to primarily affect Intel processors made since 1995.

    Three separate class-action lawsuits have been filed by plaintiffs in California, Oregon and Indiana seeking compensation, with more expected. All three cite the security vulnerability and Intel’s delay in public disclosure from when it was first notified by researchers of the flaws in June. Intel said in a statement it “can confirm it is aware of the class actions but as these proceedings are ongoing, it would be inappropriate to comment”.

    The plaintiffs also cite the alleged computer slowdown that will be caused by the fixes needed to address the security concerns, which Intel disputes is a major factor. “Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time,” Intel said in an earlier statement.
    Story Continues
    The aim of an argument or discussion should not be victory, but
    progress. -- Joseph Joubert
    Attachment 1008

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •