Inside Google's Discovery and Remediation of a Critical CPU Vulnerability - Yousif Hussin

This talk was recorded at NDC London in London, England. #ndclondon #ndcconferences #developer #softwaredeveloper Attend the next NDC conference near you: https://ndcconferences.com https://ndclondon.com/ Subscribe to our YouTube channel and learn every day: / @NDC Follow our Social Media! https://www.facebook.com/ndcconferences https://twitter.com/NDC_Conferences https://www.instagram.com/ndc_conferences/ #cloud #security #cpu Just as Vulnerability Research is an important area of focus at Google, so is Vulnerability Response to critical and complex security vulnerabilities. These responses not only safeguards the security of Google's products and users but also extends its reach to millions of devices connected to the Internet, in certain instances, including the case I'm going to share here in details. In this talk, I'd like to go through a recent incident at Google, including technical details, in which I was the global lead. The incident involves the discovery by a Google's security researcher of a critical CPU vulnerability (Reptar) and the extensive remediation efforts across all of Google's products and systems. The incident presented a confluence of intriguing technical challenges and unique operational complexities. I plan to elaborate on the strategies employed by Google to address these challenges effectively, emphasizing the time constraints and pressures under which we operated.