如何应对Meltdown和Spectre处理器安全漏洞
最近Intel的CEO开始不寻常地疯狂卖股票,原因竟然是……
最近由Intel和处理器竟然有非常严重的安全漏洞Meltdown
,不过还有个漏洞Spectre
几乎所有Intel、AMD、ARM的处理器都有,这个是无法避免的,不过它难以利用。不过Meltdown
危害性就大了,软件可以通过该硬件漏洞访问系统内存,窃取隐私信息。
安全漏洞相关信息
Meltdown
(CVE-2017-5754)
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.
If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. This applies both to personal computers as well as cloud infrastructure.
Spectre
(CVE-2017-5715/CVE-2017-5753)
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.
Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.
现状
全世界计算机几乎都将会受到影响
Windows
系统已经发布更新,但是速度会变慢5%-20%。
系统版本 | 链接 |
---|---|
Windows 10 1709 | KB4056892 |
Windows 10 1703 | KB4056891 |
Windows 10 LTSB 2016 | KB4056890 |
Windows 8.1 with Update | KB4056898 |
Windows 7 SP1 | KB4056897 |
Linux
只需要更新到最新内核即可修复漏洞,性能仍然会受到影响。
MacOS
已经发布了修补补丁,只需安装即可(MacOS 10.13.3 High Sierra),性能仍会受到影响
最后更新于 2018-02-03 19:17:16 并被添加「meltdown spectre 漏洞 intel cpu」标签,已有 3732 人阅读过。
本文距离最后一次更新已超过180天,部分内容可能会随着时间的推移变更或失效。
影响性能还是算了吧......