Probable Steps to Counter Spectre and Meldown - Chip Flaws

People in Data Securities industries are already aware of the fact about the latest Spectre & Meltdown vulnerabilities. These vulnerabilities are raised when microprocessor designs have implemented speculative execution of instructions. By exploting these instruction, three types of variants are detected. Among these variants the first two variants are collectively called “Spectre” that may perform bounds-check bypass (CVE-2017-5753), or by utilizing branch target injection (CVE-2017-5715) which ultimately leads kernel code at an address under attacker control. And the third variat “Meltdown” which allows attacker to read kernel memory by conducting targeted cache side-channel attacks.

However, to overcome the risk from these vulnerabilities. The following countermeasures may be advised:



1. For Spectre CVE-2017-5753 Variant 1 Bounds Check Bypass Requires software/browser update.
2. For Spectre CVE-2017-5715 Variant 2 Branch Target Injection Requires microcode AND Windows update.
3. For Meltdown CVE-2017-5754 Variant 3 Rogue Data Cache Load Requires Windows update.



As the consumers are the most significant in case of these vulnerability[Spectre & Meltdown] exposure that’s why, currently it is advised to update your windows version to Windows 10 Version 1709. Same time Microsoft has released security patch [KB4056892] relevant to these vulnerabilities which you may installed in your PC by downloading from their site.

Major chip manufacturer like AMD/Intel already claimed that they have already identify the issue and overcome the flaws.