Menu
Oracle patches Spectre and Meltdown chip flaws

Oracle patches Spectre and Meltdown chip flaws

The critical patch contains 237 new security fixes across several Oracle products

Oracle has said it will issue a critical patch that provides fixes for certain of its products for the Meltdown and Spectre chip flaws, both of which affect Intel chips.

The critical patch contains 237 new security fixes across several Oracle products, the company said on its website.

“The January 2018 Critical Patch Update provides fixes for certain Oracle products for the Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Intel processor vulnerabilities,” the vendor said.

Separately, technology website The Register reported, citing a document in Oracle's customers-only portal, that certain versions of Oracle Solaris on SPARCv9 are affected by one of the chip flaws, named Spectre, and the company was working on a security patch for it.

Oracle declined to comment on the report.

On 3 January, security researchers disclosed a set of security flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel, Advanced Micro Devices and ARM Holdings.

One of the bugs is specific to Intel but another affects laptops, desktop computers, smartphones, tablets and internet servers alike. Intel and ARM insisted that the issue was not a design flaw, but it will require users to download a patch and update their operating system to fix.

“Phones, PCs, everything are going to have some impact, but it’ll vary from product to product,” Intel CEO Brian Krzanich said in an interview with CNBC Wednesday afternoon.

Researchers with Alphabet's Google Project Zero, in conjunction with academic and industry researchers from several countries, discovered two flaws.

The first, called Meltdown, affects Intel chips and lets hackers bypass the hardware barrier between applications run by users and the computer's memory, potentially letting hackers read a computer's memory and steal passwords.

The second, called Spectre, affects chips from Intel, AMD and ARM and lets hackers potentially trick otherwise error-free applications into giving up secret information.

Several other global software vendors have already issued patches for the vulnerabilities, including Microsoft and Apple.

(Reporting by Ismail Shakil in Bengaluru; Editing by Sandra Maler; with Douglas Busvine, Stephen Nellis and Salvador Rodriguez; additional reporting by Jim Finkle and Laharee Chatterjee; editing by Peter Henderson and Lisa Shumaker; with ARN Staff)


Follow Us

Join the newsletter!

Or
Error: Please check your email address.

Tags Oracleintelchipsmeltdownspectre

Featured

Slideshows

Bumper channel crowd kicks off first After Hours of 2018

Bumper channel crowd kicks off first After Hours of 2018

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Jefferson in Auckland to kick-start 2018. Photos by Gino Demeer.

Bumper channel crowd kicks off first After Hours of 2018
Looking back at the top 15 M&A deals in NZ during 2017

Looking back at the top 15 M&A deals in NZ during 2017

In 2017, merger and acquisitions fever reached new heights in New Zealand, with a host of big name deals dominating the headlines. Reseller News recaps the most important transactions of the Kiwi channel during the past 12 months.

Looking back at the top 15 M&A deals in NZ during 2017
Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Show Comments