Spectre and Meltdown – Intel Chipset Vulnerability
Intel Chipset Vulnerability
Spectre and Meltdown
MARK HALLETT
IT SALES MANAGER
Intel has confirmed that there is a major flaw in its chipsets possibly dating as far back as 10 years. Currently there are no known exploits available “in the wild”. However, as it has now been made public there is an increased risk of this flaw being exploited.
Commercial is working with vendors, and patches to address these issues will be available soon.
Status summary
The issue is broken down into two different, but related, vulnerabilities: Meltdown and Spectre. These were both identified by Google’s Project Zero Team.
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include passwords stored in a password manager or browser, personal photos, emails, instant messages and even business-critical documents.
The following BBC articles explain in more detail:
Should you have any questions on this notice, please submit them to ITsupport@commercial.co.uk