This is accomplished by way of a little-known feature called “speculative execution” which allows the processor to perform operations before it’s received definitive instructions that they need to be done. It’s a way of milking more speed out of the system.
Unfortunately, any such system runs the risk of giving programs permission to execute that, under normal circumstances, would not get permission. For example, a hacker could exploit this time-saving trick to force a piece of malware that Windows Defender (or related programs designed to safeguard your system) would otherwise catch and keep from running.
The truly terrifying part about this newly discovered exploit is its scope and scale. Intel chips are found in the majority of PCs and laptops being sold today, and this exploit has been sitting undiscovered until now, in every chip the company has made over the last ten years.
So far, Google researchers have identified two distinct attacks that could be used to exploit the flaw, dubbed “Meltdown” and “Spectre,” both being every bit as bad as they sound, and both capable of giving a hacker complete control over a target system. Fortunately, there have been no reported instances of either being used in the wild…yet.
The company is aware of the problem, and although they are playing things close to the vest, a fix is already in the works. Unfortunately, there’s a drawback. In order to implement the fix, it’s going to require a huge restructuring. This will likely eliminate the “speculative execution” feature, which is going to notably slow systems down. Early estimates are that when the fix is rolled out, you’ll see your system’s performance degraded by between 17-23%.
If there’s a silver lining in all this, if you happen to own a machine built around an AMD processor, give yourself a pat on the back. They don’t contain the flaw.
Used with permission from Article Aggregator