Meltdown, Spectre: The password theft bugs at the heart of Intel CPUs

On Tuesday, we [The Register] warned that a blueprint blunder in Intel’s CPUs could allow applications, malware, and JavaScript running in web browsers, to obtain information they should not be allowed to access: the contents of the operating system kernel’s private memory areas. These zones often contain files cached from disk, a view onto the machine’s entire physical memory, and other secrets. This should be invisible to normal programs.

Thanks to Intel’s cockup – now codenamed Meltdown – that data is potentially accessible, meaning bad websites and malware can attempt to rifle through the computer’s memory looking for credentials, RNG seeds, personal information, and more…

Read More (The Register)

Leave a Comment