Spectre Next Generation vulnerabilities affect Intel processors

first_imgSpectre Next Generation vulnerabilities affect Intel processors by Martin Brinkmann on May 03, 2018 in Security – Last Update: May 03, 2018 – 40 commentsIntel is facing another wave of reported security issues that affect the company’s processors. The vulnerabilities, called Spectre Next Generation or Spectre NG, have not been disclosed publicly yet.A report on the German computer magazine site Heise suggests that eight new vulnerabilities were reported to Intel recently. Intel gave four of the eight vulnerabilities a severity rating of high and the remaining four a severity rating of medium according to Heise.The exploitability of one of the vulnerabilities appears to be higher than that of previous issues as attackers may abuse the issue to break out of virtual machines to attack the host system or other machines, reports Heise.Companies that provide cloud hosting or cloud services are primary targets for the vulnerability as attackers may exploit it to gain access to data transfers and data.Intel released patches and updates for the majority of processors that it announced would receive updates to protect against the previously disclosed Spectre and Meltdown variants. Some updates are still missing, however, and it is likely that many computer systems are not yet protected against attacks.One reason for that is that Microsoft has not distributed updates through Windows Updates yet. The company released standalone updates for Windows 10 but not for Windows 7 or Windows 8.1, or the recently released Windows 10 version 1803.It appears that Windows 10 version 1809 (the next feature update for Windows 10) might include the updates.Microsoft’s track record of protecting customer devices against potential attacks is not the best. The company did release initial patches in January but retracted them after a short while. While it has released updates for some of its supported operating systems, updates for other versions are still nowhere to be seen.Even worse, the Meltdown updates for Windows 7 and Windows Server 2008 R2 introduced a new vulnerability on patched systems that the researcher called Total Meltdown.Heise’s report suggests that Intel plans to release patches for Spectre Next Generation vulnerabilities in two batches. The first patches could be released as early as May 2018, the second patches in August 2018.If Intel’s current track record holds, it is likely that the patches will be released at different times for different processor families.Good news is that attacks against user systems using Spectre or Meltdown exploits are not widespread and that this is probably not going to change anytime soon.Update: An Intel spokesperson provide the following statement:Protecting our customers’ data and ensuring the security of our products are critical priorities for us. We routinely work closely with customers, partners, other chipmakers and researchers to understand and mitigate any issues that are identified, and part of this process involves reserving blocks of CVE numbers. We believe strongly in the value of coordinated disclosure and will share additional details on any potential issues as we finalize mitigations. As a best practice, we continue to encourage everyone to keep their systems up-to-date.Closing WordsBe prepared for another round of updates that patch Spectre issues and side-effects such as performance drops. It seems likely that the eight new vulnerabilities are not the last that we will see in the coming years.Now You: How do you deal with Spectre and Meltdown? (via Born)Related articlesFind out if your Windows PC is affected by Meltdown/Spectre vulnerabilitiesLinus Torvalds calls Intel’s Spectre/Meltdown patches utter garbageNew InSpectre release reveals if microcode updates are availableSummaryArticle NameSpectre Next Generation vulnerabilities affect Intel processorsDescriptionIntel is facing another wave of reported security issues in its processors. The vulnerabilities, called Spectre Next Generation or Spectre NG, have not been disclosed publicly yet.Author Martin BrinkmannPublisher Ghacks Technology NewsLogo Advertisementlast_img read more

Exhibited for the first time at Art Basel Miami Be

first_imgExhibited for the first time at Art Basel Miami Beach, two works of art that use fine and precious stones from a collection of gems that can no longer be used in classical jewelery will be displayed in an original lounge designed by the Mendini Ateliers. Commissioned by Cartier, the artists give a second life to pearls, engraved emeralds, sapphires, mandarin garnets, moonstones, diamond paving, and chalcedonies.The Fondation Cartier pour l’art contemporain and Cartier entrusted these projects to the renowned Italian architect-designer Alessandro Mendini, featured at the Fondation Cartier in Paris in 2002 in the exhibition Fragilisme, and to the artist-filmmaker David Lynch, whose exhibition The Air is on Fire was shown at the Fondation Cartier in 2007.The “precious column” conceived by Mendini was realized in collaboration with Cartier Joaillerie. These incredible gems were sorted according to category before being placed within crystal cylinders and inserted into pink-gold flutes. This column, 7.5-feet high, required over 18 months of work, evolving from the initial sketches to the final creation. In accordance with the principles of Greco-Roman architecture, the artist ingeniously stacked several cylinders around a central axis.David Lynch chose to recreate an everyday object; his Jeweled Triangle lamp explores our relationship with objects, our connection with light and the symbolic power of precious stones. A machine in motion, this brilliant work creates a unique atmosphere in which the rhythmic movement of colored gems, combined with the effects of refracted light on smooth metal, reveal the hypnotic power of precious stones.Visit www.cartier.uslast_img read more