Risk

3/20/2018
09:00 AM
50%
50%

7 Spectre/Meltdown Symptoms That Might Be Under Your Radar

The Spectre/Meltdown pair has a set of major effects on computing but there are impacts on the organization that IT leaders might not have considered in the face of the immediate problem.
Previous
1 of 8
Next

Spectre and Meltdown are awful. That much goes without saying. When a vulnerability in the heart of the CPU can bring your secure authentication efforts to naught, it's a bad thing.

But in addition to the obvious security threats, there could be significant impact on an organization's budgets, schedules, vendor relationships, and product plans. And for many companies, these "secondary" effects could have far more impact than the initial security vulnerabilities

While the basic impact of Spectre and Meltdown lies deep within a silicon wafer, the real impact could be felt in boardrooms, datacenters, and product planning meetings around the globe. Whether the planning is involved is for products for sale, internal projects, or capital expenses, you can expect to see an impact from Spectre and Meltdown.

Here, then, are seven implications of Spectre/Meltdown that might not have been at the top of your list of worries, but that should be on your radar.

(Image: Myriams-Fotos, via Pixabay)

 

Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and ... View Full Bio

Previous
1 of 8
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
seajay1221
100%
0%
seajay1221,
User Rank: Apprentice
3/20/2018 | 2:33:21 PM
Great article
My enjoyment of this article is only exceded by my frustration at the multi-page format it was published in. The article's good enough to stand on its own, why resort to shady click-gen tactics?
What We Talk About When We Talk About Risk
Jack Jones, Chairman, FAIR Institute,  7/11/2018
Major International Airport System Access Sold for $10 on Dark Web
Kelly Sheridan, Staff Editor, Dark Reading,  7/11/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14373
PUBLISHED: 2018-07-17
An issue was discovered in LibTIFF 4.0.9. In TIFFFindField in tif_dirinfo.c, the structure tif is being dereferenced without first checking that the structure is not empty and has the requested fields (tif_foundfield). In the call sequences following from the affected library functions (TIFFVGetFiel...
CVE-2018-14374
PUBLISHED: 2018-07-17
An issue was discovered in LibTIFF 4.0.9. A buffer overflow can occur via an empty fmt argument to unixErrorHandler in tif_unix.c, and it can be exploited (at a minimum) via the following high-level library API functions: TIFFClientOpen, TIFFFdOpen, TIFFRawStripSize, TIFFCheckTile, TIFFComputeStrip,...
CVE-2018-14375
PUBLISHED: 2018-07-17
An issue was discovered in LibTIFF 4.0.9. A buffer overflow vulnerability can occur via an invalid or empty tif argument to TIFFRGBAImageOK in tif_getimage.c, and it can be exploited (at a minimum) via the following high-level library API functions: TIFFReadRGBAImage, TIFFRGBAImageOK, and TIFFRGBAIm...
CVE-2018-14378
PUBLISHED: 2018-07-17
An issue was discovered in LibTIFF 4.0.9. A buffer overflow can occur via an invalid or empty tif argument to TIFFWriteBufferSetup in tif_write.c, and it can be exploited (at a minimum) via the following high-level library API function: TIFFWriteTile.
CVE-2018-14363
PUBLISHED: 2018-07-17
An issue was discovered in NeoMutt before 2018-07-16. newsrc.c does not properly restrict '/' characters that may have unsafe interaction with cache pathnames.