關於Intel CPU 漏洞:Spectre” and “Meltdown”
“Spectre” and “Meltdown” Side-channel Security Vulnerabilities and Mitigations (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
“Spectre” and “Meltdown” Side-channel Security Vulnerabilities and Mitigations (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
Updated by August 27th, 2018
ASUS is aware of the Meltdown and Spectre vulnerabilities to modern CPU architectures, which may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Mitigations include both operating system and firmware updates. For more information, please review the security updates from CPU vendors, Intel and AMD .
|
Variant 1 |
CVE-2017-5753 |
Spectre |
Bounds check bypass |
Requires OS update |
|
Variant 2 |
CVE-2017-5715 |
Spectre |
Branch target injection |
Requires OS update Requires BIOS update (MCU) |
|
Variant 3 |
CVE-2017-5754 |
Meltdown |
Rogue data cache load |
Requires OS update Requires BIOS update (MCU) |
In response to the recommendation from CPU vendors, ASUS is taking the following actions:
