Oracle issues patch for Meltdown and Spectre vulnerabilities

null

Oracle is the latest in a string of companies issuing a patch for the recently discovered Spectre / Meltdown vulnerabilities. Announcing the patch on Tuesday, the company said it fixes some of its products for Intel’s chip vulnerabilities.

The patch comes with 237 security fixes for a number of Oracle products. It was also announced that some versions of Oracle Solaris on SPARCv9 are affected by Spectre, and that the company is still working on a fix.

Oracle declined to comment on the report.

In early January, the media reported of two huge vulnerabilities, Meltdown and Spectre. They affected the chips powering virtually every machine in the world (PCs, servers, mobile devices), and could result in victims having their personal data stolen.

The likes of AMD, Arm, Apple, IBM or Qualcomm were all affected. The manufacturers were quick to start issuing patches, but some of them only caused even more headaches.

AMD’s patch started bricking devices, so the company had to stop issuing the fix until a fix for the fix was created.

Intel has seen a number of class-action lawsuits because of the vulnerabilities. And latest figures have shown that just four per cent of all enterprise devices were patched.

Google has also issued a patch, called Retpoline, and claims that it does not affect performance. In a blog post, Google VP Ben Treynor Sloss wrote that the company's service works by using patched software services, rather than disabling CPU functions on affected devices, as had been the case with other fixes.

Image Credit: Ken Wolter / Shutterstock