จุดบกพร่องที่สองเรียกว่า ‘Spectre’ ที่กระทบต่อชิพของบริษัท AMD และ ARM โดยความผิดปกตินี้ช่วยแฮคเกอร์ให้สามารถลวงซอฟท์แวร์ และทำให้ซอฟท์แวร์ยอมเปิดเผยข้อมูลสำคัญของผู้ใช้
นักวิจัยที่ค้นพบจุดอ่อนทั้งสองประเภทกล่าวว่า บริษัท Apple และ Microsoft ซึ่งใช้ชิพของบริษัทที่ได้รับผลกระทบ เตรียมวิธีการอุดช่องโหว่ไว้เรียบร้อยแล้ว สำหรับจุดบกพร่องที่เรียกว่า ‘Meltdown’
อย่างไรก็ตาม ตัวแทนของบริษัท Microsoft ปฏิเสธที่จะแสดงความคิดเห็นในเรื่องนี้ และ Apple ยังไม่ตอบรับการข้อข้อมูลเพิ่มจากสำนักข่าวรอยเตอร์
Daniel Gruss หนึ่งในนักวิจัยจากมหาวิทยาลัย Graz University of Technology ที่ตรวจพบปัญหา Meltdown กล่าวว่า ปัญหาที่เกิดขึ้นอาจเป็นปัญหาร้ายแรงครั้งใหญ่ที่สุดครั้งหนึ่งในวงการโปรแกรมคอมพิวเตอร์
โฆษกของบริษัท ARM ที่ได้รับผลกระทบ นาย Phil Hughes กล่าวว่า ทางบริษัทได้แบ่งปันข้อมูลและเทคโนโลยีปิดช่องโหว่กับบริษัทที่มีธุรกิจเกี่ยวข้อง รวมถึงผู้ผลิตสมาร์ทโฟนหลายราย
FRANKFURT/SAN FRANCISCO (Reuters) – Security researchers on Wednesday disclosed a set of security flaws that they said could let hackers steal sensitive information from nearly every modern computing device containing chips from Intel Corp, Advanced Micro Devices Inc and ARM Holdings.
One of the bugs is specific to Intel but another affects laptops, desktop computers, smartphones, tablets and internet servers alike. Intel and ARM insisted that the issue was not a design flaw, but it will require users to download a patch and update their operating system to fix.
“Phones, PCs, everything are going to have some impact, but it’ll vary from product to product,” Intel CEO Brian Krzanich said in an interview with CNBC Wednesday afternoon.
Researchers with Alphabet Inc’s Google Project Zero, in conjunction with academic and industry researchers from several countries, discovered two flaws.
The first, called Meltdown, affects Intel chips and lets hackers bypass the hardware barrier between applications run by users and the computer’s memory, potentially letting hackers read a computer’s memory and steal passwords. The second, called Spectre, affects chips from Intel, AMD and ARM and lets hackers potentially trick otherwise error-free applications into giving up secret information.
The researchers said Apple Inc and Microsoft Corp had patches ready for users for desktop computers affected by Meltdown. Microsoft declined to comment and Apple did not immediately return requests for comment.
Daniel Gruss, one of the researchers at Graz University of Technology who discovered Meltdown, called it “probably one of the worst CPU bugs ever found” in an interview with Reuters.
Gruss said Meltdown was the more serious problem in the short term but could be decisively stopped with software patches. Spectre, the broader bug that applies to nearly all computing devices, is harder for hackers to take advantage of but less easily patched and will be a bigger problem in the long term, he said.
Speaking on CNBC, Intel’s Krzanich said Google researchers told Intel of the flaws “a while ago” and that Intel had been testing fixes that device makers who use its chips will push out next week. Before the problems became public, Google on its blog said Intel and others planned to disclose the issues on Jan. 9. Google said it informed the affected companies about the “Spectre” flaw on June 1, 2017 and reported the “Meltdown” flaw after the first flaw but before July 28, 2017.
The flaws were first reported by tech publication The Register. It also reported that the updates to fix the problems could causes Intel chips to operate 5 percent to 30 percent more slowly. (bit.ly/2CsRxkj)
Intel denied that the patches would bog down computers based on Intel chips.
FILE PHOTO: Intel’s logo is pictured during preparations at the CeBit computer fair, which will open its doors to the public on March 20, at the fairground in Hanover, Germany, March 19, 2017. REUTERS/Fabian Bimmer/File Photo
“Intel has begun providing software and firmware updates to mitigate these exploits,” Intel said in a statement. “Contrary to some reports, any performance impacts are workload-dependent, and, for the average computer user, should not be significant and will be mitigated over time.”
ARM spokesman Phil Hughes said that patches had already been shared with the companies’ partners, which include many smartphone manufacturers.
“This method only works if a certain type of malicious code is already running on a device and could at worst result in small pieces of data being accessed from privileged memory,” Hughes said in an email.
AMD chips are also affected by at least one variant of a set of security flaws but that it can be patched with a software update. The company said it believes there “is near zero risk to AMD products at this time.”
Google said in a blog post that Android phones running the latest security updates are protected, as are its own Nexus and Pixel phones with the latest security updates. Gmail users do not need to take any additional action to protect themselves, but users of its Chromebooks, Chrome web browser and many of its Google Cloud services will need to install updates.
Amazon Web Services, a cloud computing service used by businesses, said that most of its internet servers were already patched and the rest were in the process of being patched.
The defect affects the so-called kernel memory on Intel x86 processor chips manufactured over the past decade, The Register reported citing unnamed programmers, allowing users of normal applications to discern the layout or content of protected areas on the chips.
That could make it possible for hackers to exploit other security bugs or, worse, expose secure information such as passwords, thus compromising individual computers or even entire server networks.
Dan Guido, chief executive of cyber security consulting firm Trail of Bits, said that businesses should quickly move to update vulnerable systems, saying he expects hackers to quickly develop code they can use to launch attacks that exploit the vulnerabilities. “Exploits for these bugs will be added to hacker’s standard toolkits,” said Guido.
Shares in Intel were down by 3.4 percent following the report but nudged back up 1.2 percent to $44.70 in after-hours trading while shares in AMD were up 1 percent to $11.77, shedding many of the gains they had made earlier in the day when reports suggested its chips were not affected.
It was not immediately clear whether Intel would face any significant financial liability arising from the reported flaw.
“The current Intel problem, if true, would likely not require CPU replacement in our opinion. However the situation is fluid,” Hans Mosesmann of Rosenblatt Securities in New York said in a note, adding it could hurt the company’s reputation.
Reporting by Douglas Busvine in Frankfurt and Stephen Nellis and Salvador Rodriguez in San Francisco; Additional reporting by Jim Finkle in Toronto and Laharee Chatterjee in Bengaluru; Editing by Peter Henderson and Lisa Shumaker
This mode enables people with epilepsy to use the website safely by eliminating the risk of seizures that result from flashing or blinking animations and risky color combinations.
Visually Impaired Mode
Improves website's visuals
This mode adjusts the website for the convenience of users with visual impairments such as Degrading Eyesight, Tunnel Vision, Cataract, Glaucoma, and others.
Cognitive Disability Mode
Helps to focus on specific content
This mode provides different assistive options to help users with cognitive impairments such as Dyslexia, Autism, CVA, and others, to focus on the essential elements of the website more easily.
ADHD Friendly Mode
Reduces distractions and improve focus
This mode helps users with ADHD and Neurodevelopmental disorders to read, browse, and focus on the main website elements more easily while significantly reducing distractions.
Blindness Mode
Allows using the site with your screen-reader
This mode configures the website to be compatible with screen-readers such as JAWS, NVDA, VoiceOver, and TalkBack. A screen-reader is software for blind users that is installed on a computer and smartphone, and websites must be compatible with it.
Online Dictionary
Readable Experience
Content Scaling
Default
Text Magnifier
Readable Font
Dyslexia Friendly
Highlight Titles
Highlight Links
Font Sizing
Default
Line Height
Default
Letter Spacing
Default
Left Aligned
Center Aligned
Right Aligned
Visually Pleasing Experience
Dark Contrast
Light Contrast
Monochrome
High Contrast
High Saturation
Low Saturation
Adjust Text Colors
Adjust Title Colors
Adjust Background Colors
Easy Orientation
Mute Sounds
Hide Images
Hide Emoji
Reading Guide
Stop Animations
Reading Mask
Highlight Hover
Highlight Focus
Big Dark Cursor
Big Light Cursor
Cognitive Reading
Virtual Keyboard
Navigation Keys
Voice Navigation
Accessibility Statement
www.secnia.go.th
20 June 2025
Compliance status
We firmly believe that the internet should be available and accessible to anyone, and are committed to providing a website that is accessible to the widest possible audience,
regardless of circumstance and ability.
To fulfill this, we aim to adhere as strictly as possible to the World Wide Web Consortium’s (W3C) Web Content Accessibility Guidelines 2.1 (WCAG 2.1) at the AA level.
These guidelines explain how to make web content accessible to people with a wide array of disabilities. Complying with those guidelines helps us ensure that the website is accessible
to all people: blind people, people with motor impairments, visual impairment, cognitive disabilities, and more.
This website utilizes various technologies that are meant to make it as accessible as possible at all times. We utilize an accessibility interface that allows persons with specific
disabilities to adjust the website’s UI (user interface) and design it to their personal needs.
Additionally, the website utilizes an AI-based application that runs in the background and optimizes its accessibility level constantly. This application remediates the website’s HTML,
adapts Its functionality and behavior for screen-readers used by the blind users, and for keyboard functions used by individuals with motor impairments.
If you’ve found a malfunction or have ideas for improvement, we’ll be happy to hear from you. You can reach out to the website’s operators by using the following email
Screen-reader and keyboard navigation
Our website implements the ARIA attributes (Accessible Rich Internet Applications) technique, alongside various different behavioral changes, to ensure blind users visiting with
screen-readers are able to read, comprehend, and enjoy the website’s functions. As soon as a user with a screen-reader enters your site, they immediately receive
a prompt to enter the Screen-Reader Profile so they can browse and operate your site effectively. Here’s how our website covers some of the most important screen-reader requirements,
alongside console screenshots of code examples:
Screen-reader optimization: we run a background process that learns the website’s components from top to bottom, to ensure ongoing compliance even when updating the website.
In this process, we provide screen-readers with meaningful data using the ARIA set of attributes. For example, we provide accurate form labels;
descriptions for actionable icons (social media icons, search icons, cart icons, etc.); validation guidance for form inputs; element roles such as buttons, menus, modal dialogues (popups),
and others. Additionally, the background process scans all the website’s images and provides an accurate and meaningful image-object-recognition-based description as an ALT (alternate text) tag
for images that are not described. It will also extract texts that are embedded within the image, using an OCR (optical character recognition) technology.
To turn on screen-reader adjustments at any time, users need only to press the Alt+1 keyboard combination. Screen-reader users also get automatic announcements to turn the Screen-reader mode on
as soon as they enter the website.
These adjustments are compatible with all popular screen readers, including JAWS and NVDA.
Keyboard navigation optimization: The background process also adjusts the website’s HTML, and adds various behaviors using JavaScript code to make the website operable by the keyboard. This includes the ability to navigate the website using the Tab and Shift+Tab keys, operate dropdowns with the arrow keys, close them with Esc, trigger buttons and links using the Enter key, navigate between radio and checkbox elements using the arrow keys, and fill them in with the Spacebar or Enter key.Additionally, keyboard users will find quick-navigation and content-skip menus, available at any time by clicking Alt+1, or as the first elements of the site while navigating with the keyboard. The background process also handles triggered popups by moving the keyboard focus towards them as soon as they appear, and not allow the focus drift outside it.
Users can also use shortcuts such as “M” (menus), “H” (headings), “F” (forms), “B” (buttons), and “G” (graphics) to jump to specific elements.
Disability profiles supported in our website
Epilepsy Safe Mode: this profile enables people with epilepsy to use the website safely by eliminating the risk of seizures that result from flashing or blinking animations and risky color combinations.
Visually Impaired Mode: this mode adjusts the website for the convenience of users with visual impairments such as Degrading Eyesight, Tunnel Vision, Cataract, Glaucoma, and others.
Cognitive Disability Mode: this mode provides different assistive options to help users with cognitive impairments such as Dyslexia, Autism, CVA, and others, to focus on the essential elements of the website more easily.
ADHD Friendly Mode: this mode helps users with ADHD and Neurodevelopmental disorders to read, browse, and focus on the main website elements more easily while significantly reducing distractions.
Blindness Mode: this mode configures the website to be compatible with screen-readers such as JAWS, NVDA, VoiceOver, and TalkBack. A screen-reader is software for blind users that is installed on a computer and smartphone, and websites must be compatible with it.
Keyboard Navigation Profile (Motor-Impaired): this profile enables motor-impaired persons to operate the website using the keyboard Tab, Shift+Tab, and the Enter keys. Users can also use shortcuts such as “M” (menus), “H” (headings), “F” (forms), “B” (buttons), and “G” (graphics) to jump to specific elements.
Additional UI, design, and readability adjustments
Font adjustments – users, can increase and decrease its size, change its family (type), adjust the spacing, alignment, line height, and more.
Color adjustments – users can select various color contrast profiles such as light, dark, inverted, and monochrome. Additionally, users can swap color schemes of titles, texts, and backgrounds, with over seven different coloring options.
Animations – person with epilepsy can stop all running animations with the click of a button. Animations controlled by the interface include videos, GIFs, and CSS flashing transitions.
Content highlighting – users can choose to emphasize important elements such as links and titles. They can also choose to highlight focused or hovered elements only.
Audio muting – users with hearing devices may experience headaches or other issues due to automatic audio playing. This option lets users mute the entire website instantly.
Cognitive disorders – we utilize a search engine that is linked to Wikipedia and Wiktionary, allowing people with cognitive disorders to decipher meanings of phrases, initials, slang, and others.
Additional functions – we provide users the option to change cursor color and size, use a printing mode, enable a virtual keyboard, and many other functions.
Browser and assistive technology compatibility
We aim to support the widest array of browsers and assistive technologies as possible, so our users can choose the best fitting tools for them, with as few limitations as possible. Therefore, we have worked very hard to be able to support all major systems that comprise over 95% of the user market share including Google Chrome, Mozilla Firefox, Apple Safari, Opera and Microsoft Edge, JAWS and NVDA (screen readers).
Notes, comments, and feedback
Despite our very best efforts to allow anybody to adjust the website to their needs. There may still be pages or sections that are not fully accessible, are in the process of becoming accessible, or are lacking an adequate technological solution to make them accessible. Still, we are continually improving our accessibility, adding, updating and improving its options and features, and developing and adopting new technologies. All this is meant to reach the optimal level of accessibility, following technological advancements. For any assistance, please reach out to
