The ghosts of the Meltdown and Specter wants to haunt the computing industry for years to come. Bypass, or simply variant 4. (Meltdown and the two specter flaws were the first three variants.) Do not panic though.
Speculative Store Bypass affects Intel, AMD, and ARM chips, meaning mobile devices are so affected. But fortunately, Variant 4 attacks runtime languages in browsers like Chrome, Firefox, and Edge-just like one of the previous Specter attacks. "Intel's Leslie Culbertson says." Starting in January, most of the leading browser providers deployed mitigations for Variant 1 in their managed runtimes – that's actually increasing the difficulty of exploiting side channels in a web browser. " "These mitigations are also applicable to Variant 4 and available for consumers to use today."
Keep your browser up to date and you're good to go, in other words.
Fully mitigating the issue on Intel requires a Software update, similar to Specter. Intel says it's already shipped microcode patches for Variant 4 to it's hardware partners, and the new bios BIOSes containing the fix to start rolling out "over the coming weeks." But it seems like Intel thinks the browser is fixed alone protection enough, as the company says ship with the speculative store Bypass mitigation disabled by default.
"If enabled, we've got a performance impact of about 2 to SYSmark® 2014 SE and SPEC integer rates on client and server test systems, "Intel says. Previously Specter-related firmware patches already dragged down PC performance, especially in storage and other I / O-intensive tasks.
The mitigation for AMD processors involves operating system patches alone, with no speculative store bypass firmware updates planned.
Keeping your browser up to date is just part of staying safe in a post-meltdown world. Check out PCWorld's guide on how to protect your PC against Meltdown and Specter for the full details, and be sure to keep your antivirus active. While Intel says it is not aware of a successful browser-based attack, it has detected code samples attempting to leveraging the CPU exploits. Would-be hackers need to be able to run your pc to trigger the cpu flaws. Keeping your browser updated and antivirus vigilant can help protect against it. PCWorld's guide to the best antivirus software can help you find the right security for your needs.