Blog
Meltdown and Spectre: The two new security vulnerabilities explained
January 4th, 2018
Various researchers, including Google Project Zero, have today disclosed two critical processor vulnerabilities, named “Meltdown” and “Spectre”.
These vulnerabilities affect laptops and workstations from all major manufacturers including HP, Dell, Microsoft, Apple etc.
Essentially, they allow programs to steal data which is currently processed on a computer. This could include passwords stored in a password manager or a browser, photos, emails, instant messages or documents.
Typically programs cannot read data from other programs. However, a malicious program can exploit Meltdown and Spectre to get hold of information stored in the memory of other running programs.
The implications of these bugs are far-reaching and can affect personal computers, mobile devices and the cloud. The QuoStar team have collated the following information about both hardware bugs for your convenience below.
What is Meltdown?
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the details of other programs and the operating system.
Every Intel processor which implements out-of-order execution is potentially affected by Meltdown. This means that every processor since 1995 (except Intel Itanium and Intel Atom before 2013) could be vulnerable, which may affect desktop, laptop and cloud computers. It is currently unclear whether Meltdown also affects ARM and AMD processors.
At QuoStar we are continually monitoring the situation and all workstations and servers that we manage are showing as clear of any malicious software. Our monitoring systems will alert us to any potential problems, and we will keep our clients informed of any new information.
However, if your computer does have a vulnerable processor and is running an unpatched operating system, then researchers are recommending not to work with sensitive information due to the potential for data leak.
What is Spectre?
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices into leaking their details.
Spectre affects all desktop, laptops, cloud server and smartphones. Specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. Spectre has been verified on Intel, AMD and ARM processors by researchers.
What should I do?
Unlike usual malware, Meltdown and Spectre are hard to distinguish from regular benign applications. However, your antivirus may detect malware which uses attacks by comparing binaries after they are known.
Microsoft has released a security patch, which we are working to apply to applicable client systems. However, there are some limitations in terms of the compatibility with this patch and some Anti-Virus products. Therefore it may be necessary to wait for Microsoft to release an improved patch before it is applied to all systems. We keep all clients aware of current and future planned patching activity.
There are also patches against Meltdown for Linux and OS X. Furthermore, there is work to harden software against future exploitation of Spectre, respectively to patch software after exploitation.
We recommend to our clients that they update any device which is not managed by QuoStar as soon as practicable.
If you would like to read further information on either vulnerability, researchers have set up a website called Meltdown Attack.
The QuoStar team are here to assist with any Meltdown or Spectre queries or issues, please give us a call on 01202 055400 for further advice.
Can remote working make firms more productive?
Both hailed as the future of working and criticised as the destroyer of efficiency, is remote working for every firm? Remote working has existed since communications have been available to the roaming and remote worker. It has been pushed and pulled by enterprises of all sizes, and it has been claimed as the future of working […]
How the need for Managed IT Support Services has changed since 2020
We look at where the IT Support needs of SME’s are heading and why. Here at QuoStar we’ve certainly seen an increase in the demand for Managed IT Support Services, particularly over the last 12 months. And especially by Small and Medium Enterprises (SME’s). The driving force behind the need for Managed IT Support […]
In the press: How can law firms stay safe from scam emails?
Originally published in InterContinental Finance & Law