«
»
 

Examining Spectre and Meltdown attacks

Posted by on Tuesday, May 22, 2018

As you have no doubt heard, Spectre and Meltdown aren’t software bugs that can be fixed in a few days or weeks when a company pushes out a patch. They are part of the architecture of hardware – the chips that run your computer. And you don’t just roll out a patch for hardware. Chips can’t be “patched” until a new version comes out – a refresh cycle that is generally five years or much longer. In other words, these flaws aren’t just bad, they’re long-term bad.

But the news is not all bad

First, exploiting them is not easy. An attacker would need to install malware on your computer to take advantage of them.

Second, you and your organization are not totally defenseless. There are tools now available to defend both your operating system and your software. You just have to use them…

Detect Spectre exploits with static analysis

Find out how

This post is filed under Security news and research.
 
Taylor Armerding
Posted by

Taylor Armerding

Taylor Armerding

Taylor Armerding is an award-winning journalist who left the declining field of mainstream newspapers in 2011 to write in the explosively expanding field of information security. He has previously written for CSO Online and the Sophos blog Naked Security. When he’s not writing he hikes, bikes, golfs, and plays bluegrass music.

SEE AUTHOR ARCHIVE

More from Security news and research

Subscribe

Thanks for subscribing to the Synopsys Integrity Group blog. You’ll receive your welcome email shortly. In the meantime, please enjoy a complimentary copy of the 2021 Gartner Magic Quadrant for Application Security Testing.




Get the Gartner report

2021 Gartner MQ for AST

Related Tags