This is a static archive of the old Zorin Forum.

The information below may be outdated. Visit the new Zorin Forum here ›

If you have registered on the old forum, you will need to create an account on the new forum.

Update on Spectre and Meltdown - courtesy of LXF Newsdesk

Swarfendor437

Sat Feb 24, 2018 2:45:30 pm

"...According to a timeline posted on The Verge (http://bit.ly/verge-spectre), Gruss, Lipp, Schwarz and Mangard discovered the fault late 2017, and on 3 December 2017 they had created a workable exploit for what would be called Meltdown, and contacted Intel. Intel already knew about the issue, but asked the team to keep quiet. It wasn't until the beginning of January 2018 that both the Spectre and Meltdown flaws were made public. ...

... The scale of the problem soon became apparent when it was revealed that all Intel CPUs with out-of-order execution since 1995 were potentially affected, apart from Intel Itanium microprocessors and pre-2013 Atoms. No AMD processors are affected by Meltdown and only certain very new ARM processors are (https://developer.arm.com/support/security- update)

... Apple was hesitant to reveal that its devices were at risk (its own ARM processor are affected), but it released MacOS 10.13.2 and iOS 11.2, which contain mitigations. For more details on Meltdown you can read the whitepaper at https://meltdownattack.com/meltdown.pdf.

[Spectre] ... software patches for browsers and operating systems have been released that contain mitigations (because any attack using Spectre could likely use JavaScript). [https://spectreattack.com/spectre.pdf.

...make sure your devices are patched and up to date, and that any patches are from trusted sources. Malwarebytes discovered a fake Meltdown and Spectre patch that deposits 'smoke loader' malware on the victim's Windos machine - read more at http://bit.ly/smoke-loaders."