Spectre and Meltdown chip flaws put systems at risk
Flaws in Intel, ARM and AMD chips could allow data theft, Google researchers warn
Two security flaws have been detected in micro-processors which will require emergency patches for Windows and other systems.
The first flaw, dubbed ‘Spectre', affects Intel, AMD and ARM processors, while the second ‘meltdown' flaw only affects Intel processors.
Security researchers for Google, who revealed the flaws late on Tuesday, said that the security flaws were "serious" and could result in the theft of data.
In a Google blog post, researchers said "that the flaws are caused by speculative execution, a technique used by most modern processors (CPUs) to optimize performance. malicious actors could take advantage of speculative execution to read system memory that should have been inaccessible. For example, an unauthorized party may read sensitive information in the system's memory such as passwords, encryption keys, or sensitive information open in applications. Testing also showed that an attack running on one virtual machine was able to access the physical memory of the host machine, and through that, gain read-access to the memory of a different virtual machine on the same host. These vulnerabilities affect many CPUs, including those from AMD, ARM, and Intel, as well as the devices and operating systems running on them."
The company said it was revealing the flaws ahead of an original disclosure date of 8th January because of ongoing discussion online which raised the risk of hackers moving to exploit the flaws.
Google said that its Android phones with the latest security updates were protected, and that Gmail was safe. It is working on patches for Chromebooks and the Chrome web browser. ARM has also already released patches, while Microsoft and Apple are also expected to release patches soon.