Google deploys patch for security flaws in chips


San Francisco, Jan 5 (IANS): To safeguard its customers from potential security bugs in chips, Google has deployed a novel chip-level patch across its entire infrastructure, resulting in only minor declines in performance in most cases.

"In response to the vulnerabilities that were discovered, we developed a novel mitigation called 'Retpoline' -- a binary modification technique that protects against 'branch target injection' attacks," Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Programme Manager at Google wrote in a joint blog post on Thursday.

"We shared 'Retpoline' with our industry partners and have deployed it on Google's systems, where we have observed negligible impact on performance," the engineers added.

In addition, the tech giant has deployed "Kernel Page Table Isolation" (KPTI) which is a general purpose technique for better protecting sensitive information in memory from other software running on a machine.

"KPTI" has been deployed to the entire fleet of Google Linux production servers that support all of our products, including Search, Gmail, YouTube and Google Cloud Platform, the company said in a statement.

Earlier, Intel had confirmed serious security flaws in modern processors that could affect its computers released in the last two decades.

The chip-maker had said that the bug, if used for malicious purposes, has the potential to improperly gather sensitive data from computing devices and promised to fix the bug as soon as possible.

It added that the vulnerability, discovered by a British tech website, the Register, is not unique to Intel products.

It argued that "many types of computing devices -- with many different vendors' processors and operating systems -- are susceptible to these exploits".

Software major Microsoft has already issued emergency updates to supported versions of Windows that was part of a number of fixes that would protect against the processor bug in Intel as well as AMD and ARM CPUs.

Amazon was also reportedly working on security updates to their Cloud services and other products.

  

Top Stories


Leave a Comment

Title: Google deploys patch for security flaws in chips



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.