Meltdown and Spectre – What They Are And How They Impact You


The widely reported CPU vulnerabilities Meltdown and Spectre, affecting Intel, AMD and ARM processors, are creating issues, discussion and hype. What are they, and how do they impact you?

If you have been following the information technology news at all this week, I am sure that you have at least heard of Meltdown and/or Spectre – the CPU vulnerabilities that it seems like everyone is talking about. The affected chips suffer from severe side-channel flaws that let an unprivileged program read memory it should never be able to see, which has left many consumers and IT professionals in a stir. Fortunately, technical details have now been released about these vulnerabilities; in the case of Meltdown, nearly every Intel processor made since 1995 appears to be affected.

Google Project Zero disclosed more details, reporting that the underlying vulnerabilities affect CPUs from AMD, ARM and Intel (Spectre was demonstrated on all three, while Meltdown was confirmed on Intel processors) – a piece of information that could mean serious consequences for almost every PC, laptop, tablet, mobile device and smartphone, regardless of manufacturer or operating system. This is the point many raised shortly after our initial report on January 2nd.


Details

The two have been categorized as separate hardware issues: Meltdown ( CVE-2017-5754 ) and Spectre ( CVE-2017-5753, the bounds check bypass variant, and CVE-2017-5715, the branch target injection variant ). Both could allow an attacker to read sensitive data being processed on the device.

These attacks take advantage of a feature of the chips known as ‘speculative execution’. Most modern, high-performance CPUs use this feature to improve performance: rather than stall while it waits to learn which way a branch goes, the processor guesses and keeps executing.

Project Zero reported “In order to improve performance, many CPUs may choose to speculatively execute instructions based on assumptions that are considered likely to be true. During speculative execution, the processor is verifying these assumptions; if they are valid, then the execution continues. If they are invalid, then the execution is unwound, and the correct execution path can be started based on the actual conditions.”


Meltdown

The Meltdown attack has its own white paper, which explains that an attacker can read not only kernel memory but also the entire physical memory of the target device (which Linux and macOS map into the kernel address space), revealing the secrets of running programs and of the operating system itself.

“Meltdown is a related microarchitectural attack which exploits out-of-order execution in order to leak the target’s physical memory.”

Meltdown breaks the isolation between user applications and the operating system: an unprivileged application can read memory that has been mapped for the kernel, without any software bug in the kernel being needed. Out-of-order execution performs the load before the privilege check takes effect, and although the CPU eventually raises a fault, the loaded value has already left a trace in the cache that a side channel can read out.

“Meltdown exploits a privilege escalation vulnerability specific to Intel processors, due to which speculatively executed instructions can bypass memory protection.”


Spectre


Spectre also has its own white paper giving further details of the attack itself. The drawback with Spectre is that, while it has been disclosed and people are working on solutions, it is not nearly as easy to patch: a complete fix is expected to require changes to processor design, and the software mitigations released so far target specific variants and code paths rather than the underlying behaviour. It will cause issues for consumers, professionals, corporations and manufacturers for some time.

Spectre breaks the isolation between different applications: the attacker tricks an otherwise error-free program into speculatively accessing arbitrary portions of its own memory, after which the accessed data can be recovered through a side channel such as cache timing.

Using Spectre, an attacker can leak information from the kernel to user programs, as well as from hypervisors to guest systems. “In addition to violating process isolation boundaries using native code, Spectre attacks can also be used to violate browser sandboxing, by mounting them via portable JavaScript code. We wrote a JavaScript program that successfully reads data from the address space of the browser process running it,” the Spectre white paper explains.

“KAISER patch, which has been widely applied as a mitigation to the Meltdown attack, does not protect against Spectre.”
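To make the Spectre variant 1 pattern concrete, here is an added example in C; it is not code from this page or from either white paper. It shows the bounds-checked array access that CVE-2017-5753 abuses next to a hardened version that clamps the index with a branch-free mask (the approach the Linux kernel later adopted as array_index_nospec()). The memory layout, the 16-byte public array, the secret placed 200 bytes further on and the 4096-byte probe stride are all constructed for the example; the code shows the gadget's shape and the mitigation, not a timing-based read-out of the cache.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed memory layout (an assumption for this example): one buffer that
 * holds a small public array at its start and a secret 200 bytes further on,
 * standing in for a secret that happens to live past a bounds-checked array in
 * the victim's address space. */
#define ARRAY1_SIZE 16
#define SECRET_OFFSET 200
static uint8_t victim_memory[4096];
static uint8_t *const array1 = victim_memory;
static const size_t array1_size = ARRAY1_SIZE;
static const char secret_text[] = "constructed secret";

/* Probe array with one entry per possible byte value, spaced 4096 bytes apart
 * as in the Spectre paper's proof of concept. Touching array2[v * 4096] pulls a
 * line into the cache whose position encodes v; an attacker recovers v later by
 * timing accesses to array2. */
static uint8_t array2[256 * 4096];
static volatile uint8_t temp;          /* sink so the compiler keeps the loads */

static int initialized;
static void setup(void) {
    if (initialized) return;
    for (size_t i = 0; i < array1_size; i++) array1[i] = (uint8_t)(i + 1);
    memcpy(victim_memory + SECRET_OFFSET, secret_text, sizeof secret_text);
    memset(array2, 1, sizeof array2);
    initialized = 1;
}

/* What a speculative load of array1[x] would fetch for any x inside the buffer,
 * including x past the 16 public bytes. */
int speculative_load_target(size_t x) {
    setup();
    return x < sizeof victim_memory ? victim_memory[x] : -1;
}

/* Vulnerable gadget in the shape Spectre variant 1 (CVE-2017-5753) abuses. It
 * architecturally returns -1 for x >= array1_size, but once the branch predictor
 * has been trained on in-bounds values the CPU may speculatively run the body for
 * an out-of-bounds x, load the secret byte from array1[x] and touch
 * array2[secret * 4096] before the misprediction is discovered. */
int victim_function(size_t x) {
    setup();
    if (x < array1_size) {
        uint8_t v = array1[x];
        temp &= array2[(size_t)v * 4096];
        return v;
    }
    return -1;
}

/* Branch-free clamp: all ones when index < size, zero otherwise. This is the
 * pattern Linux adopted as array_index_mask_nospec(). size - 1 - index wraps to
 * a value with its top bit set exactly when index >= size; the arithmetic right
 * shift (gcc/clang behaviour, relied on here) smears that bit across the word.
 * Assumes size has its top bit clear. */
size_t index_mask_nospec(size_t index, size_t size) {
    return (size_t)(~(intptr_t)(index | (size - 1 - index))
                    >> (sizeof(size_t) * 8 - 1));
}

size_t index_nospec(size_t index, size_t size) {
    return index & index_mask_nospec(index, size);
}

/* Hardened gadget: even if the branch is mispredicted, the index used for the
 * load is already clamped to 0, so no out-of-bounds byte reaches array2. */
int victim_function_nospec(size_t x) {
    setup();
    if (x < array1_size) {
        x = index_nospec(x, array1_size);
        uint8_t v = array1[x];
        temp &= array2[(size_t)v * 4096];
        return v;
    }
    return -1;
}

int main(void) {
    printf("in-bounds x=3: %d\n", victim_function(3));
    printf("x=%d architecturally: %d, but speculation could fetch '%c'\n",
           SECRET_OFFSET, victim_function(SECRET_OFFSET),
           speculative_load_target(SECRET_OFFSET));
    printf("clamped index for x=%d: %zu\n",
           SECRET_OFFSET, index_nospec(SECRET_OFFSET, array1_size));
    return 0;
}
```

Note that compiling the mask in plain C leaves the compiler free to turn it back into a conditional branch; the kernel's x86 implementation uses inline assembly (a cmp/sbb sequence) to prevent exactly that. This is also only a variant 1 mitigation: branch target injection (CVE-2017-5715) needs a different fix, such as retpolines or microcode-backed branch control.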


So – What Do I Do?

You may be asking yourself, “Great, so what am I supposed to do about this?” Do not worry; we have received a number of comments and questions, from consumers to technical professionals, asking the same thing. Basically, we are all at the mercy of vendors and manufacturers to address and resolve these vulnerabilities. Many vendors have already released patches or are planning on releasing them soon.

  • Windows — Microsoft has issued an out-of-band patch for Windows 10, while other versions of Windows will be patched on the traditional Patch Tuesday, January 9, 2018.
  • macOS — Apple had already fixed most of these holes in macOS High Sierra 10.13.2 last month, and macOS 10.13.3 will enhance or complete those mitigations.
  • Linux — Linux kernel developers have also released patches implementing kernel page-table isolation (KPTI), which keeps the kernel out of the page tables used while user code runs, so that kernel memory is no longer mapped where a Meltdown-style load could reach it.
  • Android — Google has released security patches for Pixel/Nexus users as part of the Android January security patch update. Other users have to wait for their device manufacturers to release a compatible security update.
Chrome web browser users can also take an additional step, since a Spectre attack can be mounted from JavaScript on a web page. Chrome's Site Isolation puts each site in its own renderer process, so a malicious page can at most read memory belonging to its own process rather than data from other sites; it does not stop the speculative read itself. Here's how to turn Site Isolation on in Chrome on Windows, Mac, Linux, Chrome OS or Android:
  • Copy chrome://flags/#enable-site-per-process and paste it into the URL field at the top of your Chrome web browser, and then hit the Enter key.
  • Look for Strict Site Isolation, then click the box labeled Enable.
  • Once done, hit Relaunch Now to relaunch your Chrome browser.
