Sifting Through The Speculation
As concerns over the Spectre and Meltdown processor vulnerabilities stretch on into another week, technology vendors and solution providers seem to be facing more questions than answers when it comes to security patches and their possible performance effects. New information regarding PC and server impact is emerging daily as vendors and integrators conduct further testing and research.
While some solution providers have reported minimal or no performance effects related to recently deployed software and OS patches, some customers and technology professionals have experienced problems ranging from noticeable CPU usage increase to blue-screening.
The Spectre and Meltdown threats are examples of side-channel attacks. Two of those variants are known as Spectre, including one that could be used to leak Linux kernel memory and another that could change how an application works based on the contents of memory. The third, known as Meltdown, could let an application read kernel memory without misdirecting the control flow of kernel code.
To date, there have been no known exploits of the security issue.
In the following slides, CRN has highlighted seven key points worth considering as businesses continue to size up the potential consequences of deploying Spectre and Meltdown mitigation patches.