Meltdown and Spectre: The two new security vulnerabilities explained
January 4th, 2018
Various researchers, including Google Project Zero, have today disclosed two critical processor vulnerabilities, named “Meltdown” and “Spectre”.
These vulnerabilities affect laptops and workstations from all major manufacturers, including HP, Dell, Microsoft and Apple.
Essentially, they allow programs to steal data that is currently being processed on a computer. This could include passwords stored in a password manager or a browser, photos, emails, instant messages or documents.
Typically programs cannot read data from other programs. However, a malicious program can exploit Meltdown and Spectre to get hold of information stored in the memory of other running programs.
The implications of these bugs are far-reaching and can affect personal computers, mobile devices and the cloud. The QuoStar team have collated the following information about both hardware bugs for your convenience.
What is Meltdown?
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the details, of other programs and the operating system.
Every Intel processor which implements out-of-order execution is potentially affected by Meltdown. This means that every processor since 1995 (except Intel Itanium and Intel Atom before 2013) could be vulnerable, which may affect desktop, laptop and cloud computers. It is currently unclear whether Meltdown also affects ARM and AMD processors.
At QuoStar we are continually monitoring the situation and all workstations and servers that we manage are showing as clear of any malicious software. Our monitoring systems will alert us to any potential problems, and we will keep our clients informed of any new information.
However, if your computer does have a vulnerable processor and is running an unpatched operating system, researchers recommend not working with sensitive information on it because of the potential for data leaks.
What is Spectre?
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their details.
Spectre affects all desktops, laptops, cloud servers and smartphones. Specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. Researchers have verified Spectre on Intel, AMD and ARM processors.
What should I do?
Unlike usual malware, Meltdown and Spectre are hard to distinguish from regular benign applications. However, your antivirus may detect malware which uses the attacks by comparing binaries after they become known.
Microsoft has released a security patch, which we are working to apply to applicable client systems. However, there are some compatibility limitations between this patch and some antivirus products. It may therefore be necessary to wait for Microsoft to release an improved patch before it is applied to all systems. We keep all clients aware of current and future planned patching activity.
There are also patches against Meltdown for Linux and OS X. Furthermore, there is work under way to harden software against future exploitation of Spectre and to patch software after exploitation.
We recommend that our clients update any device which is not managed by QuoStar as soon as practicable.
If you would like to read further information on either vulnerability, researchers have set up a website called Meltdown Attack.
The QuoStar team are here to assist with any Meltdown or Spectre queries or issues. Please give us a call on 01202 055400 for further advice.