What is Intel chip bug?

Chips from Intel, AMD, and ARM are susceptible to Spectre attacks. Intel processor have security issues
like security bugs that are fixed but after fixing of bugs it could slow down pc’s. On the other hand
Kernels in operating system have complete control over the entire system and connect applications to
the processor memory and all other hardware that are inside the computers.

Intel chips
In the Intel chips have been marred by another series of security flaws dubbed Foreshadow-NG.
Researchers discovered the vulnerabilities, which primarily affect Intel’s Software Guard Extensions
(SGX) and the security of virtualized environments.
Foreshadow is yet another speculative execution flaw such as like Meltdown and Spectre that are occurs
in Intel’s processors that allows attackers to steal sensitive contents stored in computers easily or virtual
machines' memory. Most modern processors utilize speculative execution to improve performance. As the
name suggests, the chips will speculate or assume the instructions they need to execute next, instead of
waiting around for the previous instructions to complete their execution. When the prediction is correct,
this saves overall execution time, while the incorrect predictions are scrapped and loss a lot of time.

Affected CPU’s and Mitigation in Intel Processor

After long research and study the researcher of Intel chip said that the original Foreshadow variant only
affects Intel’s SGX-capable chips, which includes the Sky lake generation and newer that are not included
in these bugs. Meanwhile, the two Foreshadow-NG variants don’t seem to affect other chip providers so
far and affect the following Intel chips:

Following are affected chips

 Intel Core i3/i5/i7/M processor (45nm and 32nm)

 2nd/3rd/4th/5th/6th/7th/8th generation Intel Core processors

 Intel Core X-series processor family for Intel X99 and X299 platforms

 Intel Xeon processor 3400/3600/5500/5600/6500/7500 series

 Intel Xeon Processor E3 v1/v2/v3/v4/v5/v6 family

 Intel Xeon Processor E5 v1/v2/v3/v4 family

 Intel Xeon Processor E7 v1/v2/v3/v4 family

 Intel Xeon Processor Scalable family

 Intel Xeon Processor D (1500, 2100)

Previous countermeasures implemented against Spectre and Meltdown can't protect against Foreshadow
attacks, according to the security researchers that uncovered the Foreshadow flaws. Mitigation against the
Foreshadow flaws require updates to operating systems, hypervisors and Intel chips microcode. Intel's
own benchmarks showed that the performance impact of the patches is negligible.
Although getting the operating system and hypervisor updates should be easier, getting the microcode
updates will be trickier for the many users who fully depend on manufacturers to send them the updates.
That means know you can easily said that older computers and laptops may not be fully protected against
the Foreshadow attacks by the hacker to stolen your important data.

What is ADM chip bug?

ADM stands for Architecture Development Method. ADM is a file extension for a policy template file
format used by Microsoft Windows NT and XP. ADM files are typically used by system administrators to
apply group policy changes to the registry for security purposes within a Microsoft Active Directory
environment or on a single machine.
The full form of ADM that you can say it is a method for developing your enterprise architecture. The
Architecture Development Method – often referred to by its abbreviation as the ADM – is a detailed step-
by-step process for developing or changing an enterprise architecture.

Researchers discovered gaps in security stemming from central processing units - better known as the
chip or microchip - which could allow privately stored data in computers and networks to be hacked.
What are the bugs?
There are two type of separate security risk flaws in the Computer system and Laptop’s, which are known
as Meltdown and Spectre.

 Meltdown affects laptops, desktop computers and internet servers with Intel chips.

 Spectre potentially has a wider reach. It affects some chips in smartphones, tablets and computers
powered by Intel, ARM and AMD.

Basically in simple words you can say that the bugs are security risk or security flaws that are allow
hackers to potentially read information stored on a computer memory and steal information of personal
data of companies that can be protected for unauthorized peoples like passwords, pictures, and credit card
data information.

Another big new by the Researcher and Technology analyst Jake Saunders from ABI Research said it was
not exactly clear what information might be at risk, but as the security gaps had been exposed "the
question is whether other parties can discover and potentially exploit them".

What is X800 and RFC 4949?

The simple and small definition of X800 is security service as a service provider by a protocol layer of
communicating open system which are ensures the update systems or of data transfer. In other words you
can said that the RFC 2828 defines security services as a processing or communication service that is
provided by a system to give a specific kind of protection to system resources.
You can also said that X-800 is an update version or extension recommendation of the recommendation
X-200 which can describes the reference model for Open System Interconnection (OSI). It establishes a
framework for coordinating the development of existing and future recommendations for the system
interconnection. The objective of OSI is to permit the interconnection of heterogeneous computer systems
so that communication between application processes may be achieved.
X-800 provides a general description of security services and related mechanisms and defines the
positions within the reference model where the services and mechanisms may provide.
According to X-800 standards, there are 8 security dimensions addresses to network vulnerability:

1. Access control
2. Authentication
3. Non – repudiation
4. Data consistency
5. Communication security
6. Data integrity
7. Availability
8. Privacy
RFC 4949
The RFC 4949 is an Internet Security Glossary Version 2 that is released in August 2007. IDOCs also
need to avoid terms that either favor a particular vendor or favor a particular security technology or
mechanism over other, a competing techniques that already exist in the market or might be developed in
the future for the RFC 4949 but it’s simple is that it is an internet security glossary.
The glossary is rich in the history of early network security work, but it may be somewhat incomplete in
describing recent security work, which has been developing rapidly.
RFC 4949 is an Informational RFC describing Internet Security Glossary·