christopher.white@nintex.com

Spectre + Meltdown (Intel)

Blog Post created by christopher.white@nintex.com Support on Jan 18, 2018

Meltdown and Spectre present 3 different ways of attacking data protection measures on CPU's enabling attackers to read data they shouldn't be able to.

(Scott Manley does a great job of explaining this YouTube Link

 

 

So what is Software vendors doing about this? 

  • The easy point to control this kind of operation hack is at the operating system level. So the main place to block this hack is with a patch for the operation system (Microsoft has already release patches for this so if you are up-to-date as of Jan 2018 you are in a good spot. 
  • Microsoft and the other major operation system providers have already prepared patches which effectively changes this speculative computation mechanism to avoid exposing kernel memory data. 

 

What impact does it have on Nintex Products.    

  • It impacts all software respectively as it hits performance & throughput on servers Intel based CPU's. 

 

What you need to do?

  • Make sure you are up-to-date with your operating system patching!#

 

 

Nintex security patch notice: Security patching to address the "Meltdown" and "Spectre" - Nintex Knowledge Base 

Outcomes