Home / / Update: Meltdown and Spectre show breadth of cyber risks

Update: Meltdown and Spectre show breadth of cyber risks

Security experts weigh in on possible implications of newly discovered security flaws

Update: Meltdown and Spectre show breadth of cyber risks
These flaws attack the foundational modern computer building block capability, warns Grobman.

Meltdown and Spectre vulnerabilities prove the IT industry needs to grasp the ability of advanced threat techniques to scale across all of the computing platforms, impacting both corporate and consumer domains at the same time, a security expert has said.

Steve Grobman, CTO of McAfee, said the disclosure reveals that the scope of implications extends beyond just PCs to servers, cloud, mobile and IoT platforms, and beyond one vendor’s CPU platform to those of multiple vendors. “These methods attack the foundational modern computer building block capability that enforces protection of the OS from applications, and applications from one another. Businesses and consumers should update operating systems and apply patches as soon as they become available,” Grobman said.

Last week, we reported on two security flaws, ‘Meltdown’ and ‘Spectre’ detected in micro-processors which require emergency patches for Windows and other systems. Spectre affects Intel, AMD and ARM processors, while the Meltdown flaw only affects Intel processors.

Security researchers for Google described the security flaws as "serious" and could result in the theft of data.

Tabrez Surve, regional director for F5 Networks said the hardware and software security flaws exposed by the Meltdown and Spectre bugs highlight the importance of robust application security.  “Applications are now the gateway to our data, and wherever they go, so too should the corresponding protection. Having the right solutions in place not only minimises risk, but safeguards networks, applications and intellectual property from malicious attacks,” Surve added.

Follow us to get the most comprehensive IT Security news delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.