The past few years have been rough on processor security, especially for Intel, as Meltdown and Spectre, among the biggest processor vulnerabilities, affected nearly all of its modern CPUs. Although patches came out almost immediately to solve these issues, this was just the start, as other attacks such as MDS (Microarchitectural Data Sampling) have been appearing since. So why are these vulnerabilities and security flaws only now coming to light? The issues are quite complex, and understanding them requires some familiarity with advances in CPU technology such as the following:
- L1/L2/L3 caches
- Speculative execution
- Pipelines and buffers
- Hyper-Threading
If you are unfamiliar with the above technologies, they all function as ways to improve the speed of the CPU. In theory, without these components, we could have a much more secure processor at the cost of performance. Vendors are caught in a predicament: they want to increase performance but also have to consider the security implications of newer technology. This shows in the patches for recent vulnerabilities, which brought CPU performance down by 5-30%. The latter number can be alarming, but it does not usually affect home users, as the 30% figure is more frequent for servers.
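To check whether those patches are active on a Linux machine, the kernel reports a status line per vulnerability under `/sys/devices/system/cpu/vulnerabilities`. The following is an added example, not part of the original article: the function names are hypothetical and the `SAMPLE` status strings are constructed for illustration.

```python
from pathlib import Path

# Linux kernel directory holding one status file per CPU vulnerability.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
ISSUES = ("meltdown", "spectre_v1", "spectre_v2", "mds")
# Constructed sample values (not captured from a real host).
SAMPLE = {
    "meltdown": "Mitigation: PTI",
    "spectre_v1": "Mitigation: usercopy/swapgs barriers and __user pointer sanitization",
    "spectre_v2": "Vulnerable",
    "mds": "Mitigation: Clear CPU buffers; SMT vulnerable",
}

def classify(status):
    """Return (state, smt_exposed) for one status line."""
    text = status.strip()
    if text.startswith("Not affected"):
        state = "not_affected"
    elif text.startswith("Mitigation"):
        state = "mitigated"
    elif text.startswith("Vulnerable"):
        state = "vulnerable"
    else:
        state = "unknown"  # missing file (older kernel) or unrecognised text
    # Some entries, MDS among them, append the Hyper-Threading (SMT) state.
    return state, "SMT vulnerable" in text

def read_statuses(base=SYSFS_DIR):
    """Read the status files; a missing file yields an empty string."""
    statuses = {}
    for name in ISSUES:
        try:
            statuses[name] = (Path(base) / name).read_text()
        except OSError:
            statuses[name] = ""
    return statuses

def needs_attention(statuses):
    """Map issue name -> reason for every entry that is not fully mitigated."""
    findings = {}
    for name in ISSUES:
        state, smt_exposed = classify(statuses.get(name, ""))
        if state in ("vulnerable", "unknown"):
            findings[name] = state
        elif smt_exposed:
            findings[name] = "mitigated, but Hyper-Threading siblings still exposed"
    return findings

if __name__ == "__main__":
    live = read_statuses() if SYSFS_DIR.is_dir() else SAMPLE
    for issue, reason in needs_attention(live).items():
        print(f"{issue}: {reason}")
```

An empty result means the kernel reports every listed issue as mitigated or not affecting this CPU.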
Although vendors are still working on improving their security to prevent future vulnerabilities from happening, there are still ways to make sure that your data is protected, such as adding an additional layer of security. Third-party security vendors such as Trend Micro can help with products such as Deep Security through virtual patching.
To get a more in-depth understanding of the processor vulnerabilities, you can refer to this article here. To learn more about Trend Micro Deep Security, you can visit our page here or contact us directly at 893-9515 and we will be more than happy to answer your inquiries!