Security Flaws Found to Affect Nearly Every Computer Processor, Allowing Hackers to Steal Data
Security Flaws Discovered by Google’s Project Zero Team
Last year Google’s, project zero team found a security flaws that could potentially allow hackers to access sensitive information from your computer. This security flaws seems to be affecting CPUs running on Intel, AMD and ARM processors.
This security flaws having to do with speculative execution whereby the processor estimates the most likely action to be taken by the user and already executes it to speed up the process, has also allowed hackers to get into the system and access highly sensitive stuff like one’s passwords and other crypto info.
Speculative Execution and the security flaws:
Nowadays CPUs come with a special feature which allows the machine to speed up processing by identifying the next course of action and them implementing it. The security flaw has to do with how people with bad intentions use this speculative execution process to hack into the system.
Hackers read the system’s memory and then have access to all sensitive information which is contained in the system memory like passwords, sensitive info in applications and encryption keys.
The hacking does not stop here but. It was also discovered that if a hacker could gain access to a user’s system then they could also access the host computer and other computers connected to the host computer too.
The hacking can take three different forms to access an individual’s system. But all three methods would require a hacker to run malicious coding on the targeted system. Each of the three methods is effective under different circumstances. After the hacker has obtained access to the system they are granted normal user privileges and can then read the system’s memory containing passwords and other sensitive info.
Extent of the security flaws:
Many CPUs from ARM, AMD and Intel are susceptible to this security flaw also devices running or operating on such systems too are liable to an attack.
Steps taken to patch the security flaw:
Google has taken necessary steps to solve the problem and protect their users from any potential attacks. The tech giant has also closely collaborated with companies across the tech platform to remedy the issue.
Posting about the security Flaws:
The security flaws was detected somewhere last year with Google planning on making an announcement on the 9th of Jan this new- year.
The reason for this earlier than planned release was because of reports and speculation on the matter being circulated in the press and the security field in general. Allowing an issue to be circulated in the press allows hackers an opportunity to exploit the security flaws before patches to the problem reach users.
Similarly, the issues of the security flaws was not released last year when Google’s team first discovered it, was because before any patches or solutions could be thought off, if any news of a security flaws came out then it would give hackers an opportunity to take advantage of a user’s system even when they initially didn’t know of any security flaws in the first place.