“The majority of Cisco products are closed systems, which do not allow customers to run custom code on the device”, it said.
Meltdown affects any computer or laptop running an Intel processor released since 1995, according to the findings, whereas Spectre would affect smartphones as well as computers and cloud servers that run Intel, ARM and AMD processors.
If this wasn’t enough proof that Apple devices are safe from the flaw, take a look at this tweet from software developer Alex Ionescu, who says his studies of macOS code show Apple introduced a fix for the CPU flaw in the release of macOS 10.13.2, and there are additional tweaks set to be introduced in macOS 10.13.3, which is now in beta testing.
Microsoft’s patch is created to address two serious design flaws in computer chips that can be used to steal sensitive data from your PC.
Speaking to TheJournal.ie, Honan said “there’s the potential that applying the patches could impact the performance of the machines”, noting that older machines or those already under a lot of pressure may be particularly affected.
The exploits were discovered by Google’s Project Zero team last June and the entire tech industry was about to embark on a coordinated response that would go public on 9 January. The update features security fixes to resolve recent security flaws, namely, the Meltdown and Spectre attacks. Having the ability to update millions of servers in days, without causing user disruption or requiring maintenance windows, is a hard technology to develop but it allows patches and updates to be deployed quickly after they become available, and without user disruption that can damage productivity. Mozilla implemented two different changes in the new Firefox version in order to deal with the two security flaws.
In a blog post by senior security engineer, Matt Linton, and Matthew O’Connor look at Meltdown and Spectre taking Google customers into consideration.
There’s no complete software patch for Spectre right now, said Michael Daly, chief technology officer of cybersecurity and special missions at Raytheon, a defense company.
The other flaw, called Meltdown, affects most Intel processors made after 1995. All other computers are actually better off without the fix because for them, the security update can trigger errors, including the Blue Screen of Death.
These flaws are partly associated with Intel chips installed in all the devices. Further mitigations will release in future versions of iOS, macOS, tvOS, and watchOS.
Risks that Variant 1 would pose to the infrastructure underpinning Google Cloud are addressed by the multiple security controls that make up our layered “defense in depth” security posture.
The good news is researchers and companies said there is no evidence of these flaws being exploited in the wild. Chromebooks updated to Chrome OS 63, which started rolling out in mid-December, are already protected.
However, on a much broader scale, organizations and cloud computing providers need to implement security fixes for the Meltdown bug to prevent a large-scale global attack.
PCs also require additional hardware protection, so companies will be issuing firmware updates.
According to Intel, Krzanich’s divestments were unrelated to the security flaws.