Displaying items by tag: Meltdown

A veteran Linux kernel developer at Germany-based SUSE says the one thing that keeps him and his team busy these days is CPU vulnerability mitigations.

The OpenSSH project has implemented changes in its implementation of secure shell to guard against speculative execution and memory side-channel attacks — Spectre, Meltdown, Rowhammer and RAMBleed — developer Damien Miller says.

The head of the OpenBSD project, Theo de Raadt, has warned that more flaws related to speculative execution in Intel CPUs are likely to be found and that the two vulnerabilities found by Intel, as a result of examining the Foreshadow bug — found by two independent teams — are cause for much worry.

Despite the abysmal security record of its Android mobile operating system, Google loves to boast of its prowess in the field of security. Most of the time it does this by trying to show it is superior to other technology companies, with the latest example being Samsung.

Processor giant Intel says that a new vulnerability in its CPUs, known as TLBleed, is not caused by speculative execution and hence not related to Spectre and Meltdown, two flaws which were disclosed in January.

Intel chief executive Brian Krzanich has resigned after the company discovered he had a consensual relationship with a staff member in violation of Intel's non-fraternisation policy.

The OpenBSD project, which produces an UNIX-like operating system of the same name, has decided to disable support for hyperthreading for Intel processors as it could lead to data leaks in a manner similar to that caused by the Spectre flaws in Intel processors announced earlier this year.

Intel has updated patches issued earlier for its Broadwell and Haswell range of processors to guard against one variant of the Spectre vulnerability.

Intel concealed information about two flaws in its processors from US cyber security officials and the latter only became aware of them when they were publicly disclosed a little more than six months after the processor behemoth was informed about them.

Processor giant Intel will give a demonstration of a concept 5G-connected PC during the forthcoming Mobile World Congress in Barcelona.

Processor giant Intel has issued a second set of patches for two flaws, named Meltdown and Spectre which were publicly disclosed in January, after there were problems with the first set of patches issued last month.

Thirty customer class action lawsuits and two securities class actions have been filed against Intel in connection with two vulnerabilities in its processor which were made public in January.

Intel reportedly warned its OEM partners about the Meltdown and Spectre processor flaws on 29 November, the same day that its chief executive, Brian Krzanich, sold a tranche of stock and options and netted a healthy profit.

The US Government was not on the priority list of entities which Intel chose to notify when it became aware of flaws in its processors that were finally divulged to the world earlier this month.

Linux creator Linus Torvalds has described the patches released by Intel for the Meltdown and Spectre bugs as "complete and utter garbage".

Intel says it has identified the reasons why the patches it issued for the Meltdown and Spectre vulnerabilities caused crashes on the Broadwell and Haswell platforms.

Processor giant Intel has told some of its customers that the microcode patches it issued to fix the Meltdown and Spectre flaws in its products are buggy and that they should not install them.

American multinational semiconductor and telecommunications equipment company Qualcomm admits some of its processors are vulnerable to the Meltdown and Spectre bugs but has refused to provide any clarity on exactly which products are affected.

Intel chief executive Brian Krzanich has avoided making any mention of his controversial sale of stock and options in a keynote at the Consumer Electronics Show in Las Vegas, though he did touch on the two vulnerabilities found in most processors produced by the company he heads.

Disclosure of the Meltdown and Spectre vulnerabilities, which affect mainly Intel CPUs, was handled "in an incredibly bad way" by both Intel and Google, the leader of the OpenBSD project Theo de Raadt claims.