More Chrome OS Devices Receive Meltdown, Spectre Patches

By Eduard Kovacs

The latest stable channel update for Google’s Chrome OS operating system includes mitigations for devices with Intel processors affected by the Spectre and Meltdown vulnerabilities.

Meltdown and Spectre attacks exploit design flaws in Intel, AMD, ARM and other processors. They allow malicious applications to bypass memory isolation mechanisms and gain access to sensitive data.

Meltdown attacks are possible due to CVE-2017-5754, while Spectre attacks are possible due to CVE-2017-5753 (Variant 1) and CVE-2017-5715 (Variant 2). While Meltdown and Variant 1 can be addressed with software updates, Variant 2 also requires microcode updates from the manufacturers of …read more

Via:: Security Week