
We heard that vendor recommend install the patch into your server, workstation and notebook within this month. In regards to meltdown and Spectre technical white paper. We known the design weakness are divided into 3 parts. This variant 2 – branch target injection flaw might the easy one to resolve in comparing the remains 2 items of vulnerabilities. That is Bounds check bypass and Rogue data cache load, memory access permission check performed after kernel memory read. Retpoline as a mitigation strategy which control indirect branches for returns, to avoid using predictions which come from the BTB (Branch Target Buffer). But Spectre vulnerability contained bounds check bypass vulnerability. In reality, security researchers comments that the vulnerabilities are difficult to exploit in practice. Perhaps big team might spend resources to re-engineering this flaw in future then transform as a APT attack tool. Since hacker is silent at this moment. At least no one exploit those vulnerability.However US Democratic looks with interest of this incident.
U.S. lawmaker asks Intel, others for briefing on chip flaws (see url below):








