Meltdown and Spectre
Intel Processor Vulnerabilities: What You Need to Know
Intel Processor Vulnerabilities: What You Need to Know
Microsoft, Linux, Google, and Apple started rolling
out patches addressing design flaws in processor chips that
security researchers named Meltdown and Spectre. Here’s what you need to know
about these flaws:
out patches addressing design flaws in processor chips that
security researchers named Meltdown and Spectre. Here’s what you need to know
about these flaws:
What are Meltdown and Spectre?
Meltdown, designated as
CVE-2017-5754, can enable hackers to gain privileged access to parts of a
computer’s memory used by an application/program and the operating system (OS).
Meltdown affects Intel processors.
CVE-2017-5754, can enable hackers to gain privileged access to parts of a
computer’s memory used by an application/program and the operating system (OS).
Meltdown affects Intel processors.
Spectre, designated as
CVE-2017-5753 and CVE-2017-5715, can allow attackers to steal information
leaked in the kernel/cached files or data stored in the memory of running
programs, such as credentials (passwords, login keys, etc.). Spectre reportedly affects
processors from Intel, Advanced Micro Devices (AMD), and Advanced RISC Machine
(ARM).
CVE-2017-5753 and CVE-2017-5715, can allow attackers to steal information
leaked in the kernel/cached files or data stored in the memory of running
programs, such as credentials (passwords, login keys, etc.). Spectre reportedly affects
processors from Intel, Advanced Micro Devices (AMD), and Advanced RISC Machine
(ARM).
Modern processors are designed to perform “speculative execution.” This
means it can “speculate” the functions that are expected to run, and by
queueing up these speculations in advance, they can process data more
efficiently and execute applications/software faster. It’s an industry
technique used to optimize the processor’s performance. This technique though
permits access to data that are normally isolated. An attacker, therefore, can
send an exploit that would find a way to get into this data.
means it can “speculate” the functions that are expected to run, and by
queueing up these speculations in advance, they can process data more
efficiently and execute applications/software faster. It’s an industry
technique used to optimize the processor’s performance. This technique though
permits access to data that are normally isolated. An attacker, therefore, can
send an exploit that would find a way to get into this data.
What’s their impact?
Intel processors built since 1995 are reportedly
affected by Meltdown, while Spectre affects devices running on Intel, AMD, and
ARM processors. Meltdown is related to how privileges can be escalated, while
Spectre entails access to sensitive data that may be stored on the
application’s memory space.
affected by Meltdown, while Spectre affects devices running on Intel, AMD, and
ARM processors. Meltdown is related to how privileges can be escalated, while
Spectre entails access to sensitive data that may be stored on the
application’s memory space.
The potential impact is far-reaching: Desktops,
laptops, and smartphones running on vulnerable processors can be exposed to
unauthorized access and information theft. Cloud-computing, virtual
environments, multiuser servers—also used in data centers and enterprise
environments— running these processors are also impacted.
laptops, and smartphones running on vulnerable processors can be exposed to
unauthorized access and information theft. Cloud-computing, virtual
environments, multiuser servers—also used in data centers and enterprise
environments— running these processors are also impacted.
It’s also worth noting that the patches that have
been released for Windows and Linux OSs can reportedly result into system
performance slowdown from five to 30 percent, depending on the workload.
been released for Windows and Linux OSs can reportedly result into system
performance slowdown from five to 30 percent, depending on the workload.
Google’s Project Zero has
proof-of-concept (PoCs) exploits that work against certain software.
Thankfully, Intel and Google reported they have not yet seen attacks actively
exploiting these vulnerabilities so far.
proof-of-concept (PoCs) exploits that work against certain software.
Thankfully, Intel and Google reported they have not yet seen attacks actively
exploiting these vulnerabilities so far.
Are they fixed
already?
already?
Microsoft issued a security bulletin and advisory ahead
of their monthly patch cycle to address these vulnerabilities in Windows 10.
Updates/fixes for Windows 7 and 8 will be deployed on the January Patch
Tuesday, which will be on January 9. Microsoft also issued recommendations and
best practices for clients and servers.
of their monthly patch cycle to address these vulnerabilities in Windows 10.
Updates/fixes for Windows 7 and 8 will be deployed on the January Patch
Tuesday, which will be on January 9. Microsoft also issued recommendations and
best practices for clients and servers.
Google has published mitigations on the
infrastructure/products that may be affected (YouTube, Google Ads, Chrome,
etc.). They also released a Security Patch Level (SPL)
for Android covering updates that can further limit attacks that may exploit
Meltdown and Spectre. A separate security update for Android will also be
released on January 5. Note that patching on Android is fragmented, so users
need to notify their OEMs for their availability. Nexus and Pixel devices can
automatically download the update.
infrastructure/products that may be affected (YouTube, Google Ads, Chrome,
etc.). They also released a Security Patch Level (SPL)
for Android covering updates that can further limit attacks that may exploit
Meltdown and Spectre. A separate security update for Android will also be
released on January 5. Note that patching on Android is fragmented, so users
need to notify their OEMs for their availability. Nexus and Pixel devices can
automatically download the update.
Apple’s macOS has been reportedly patched
in version 10.13.2, while 64-bit ARM kernels were
also updated. VMWare also issued its
own advisory. Mozilla, whose team confirmed that
browser-based attacks may be possible, addressed the vulnerabilities with
Firefox 57.
in version 10.13.2, while 64-bit ARM kernels were
also updated. VMWare also issued its
own advisory. Mozilla, whose team confirmed that
browser-based attacks may be possible, addressed the vulnerabilities with
Firefox 57.
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!