Meltdown and Spectre: The two new security vulnerabilities explained
Last updated on April 14th, 2020
Various researchers, including Google Project Zero, have today disclosed two critical processor vulnerabilities, named “Meltdown” and “Spectre”.
These vulnerabilities affect laptops and workstations from all major manufacturers including HP, Dell, Microsoft, Apple etc.
Essentially, they allow programs to steal data which is currently processed on a computer. This could include passwords stored in a password manager or a browser, photos, emails, instant messages or documents.
Typically programs cannot read data from other programs. However, a malicious program can exploit Meltdown and Spectre to get hold of information stored in the memory of other running programs.
The implications of these bugs are far-reaching and can affect personal computers, mobile devices and the cloud. The QuoStar team have collated the following information about both hardware bugs for your convenience below.
What is Meltdown?
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the details of other programs and the operating system.
Every Intel processor which implements out-of-order execution is potentially affected by Meltdown. This means that every processor since 1995 (except Intel Itanium and Intel Atom before 2013) could be vulnerable, which may affect desktop, laptop and cloud computers. It is currently unclear whether Meltdown also affects ARM and AMD processors.
At QuoStar we are continually monitoring the situation and all workstations and servers that we manage are showing as clear of any malicious software. Our monitoring systems will alert us to any potential problems, and we will keep our clients informed of any new information.
However, if your computer does have a vulnerable processor and is running an unpatched operating system, then researchers are recommending not to work with sensitive information due to the potential for data leak.
What is Spectre?
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices into leaking their details.
Spectre affects all desktop, laptops, cloud server and smartphones. Specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. Spectre has been verified on Intel, AMD and ARM processors by researchers.
What should I do?
Unlike usual malware, Meltdown and Spectre are hard to distinguish from regular benign applications. However, your antivirus may detect malware which uses attacks by comparing binaries after they are known.
Microsoft has released a security patch, which we are working to apply to applicable client systems. However, there are some limitations in terms of the compatibility with this patch and some Anti-Virus products. Therefore it may be necessary to wait for Microsoft to release an improved patch before it is applied to all systems. We keep all clients aware of current and future planned patching activity.
There are also patches against Meltdown for Linux and OS X. Furthermore, there is work to harden software against future exploitation of Spectre, respectively to patch software after exploitation.
We recommend to our clients that they update any device which is not managed by QuoStar as soon as practicable.
If you would like to read further information on either vulnerability, researchers have set up a website called Meltdown Attack.
The QuoStar team are here to assist with any Meltdown or Spectre queries or issues, please give us a call on 01202 055400 for further advice.
The realities of remote working
Remote working has been around since communications have been available to the roaming and remote worker, in general terms. It’s been pushed and pulled by small, medium and large-sized enterprises. It’s been claimed as the future of working and also criticised as the destroyer of efficiency and culture. But there’s one important question that has […]
Migrating to Windows 7 or 8
“Microsoft ‘U-turn’ sees Start button back on Windows 8” – BBC. “Windows 8 ‘sales’ barely half as good as Microsoft claims” – The Register. “Microsoft Surface tablet ‘fire sale’ now underway” – InfoWorld. Based on these headlines, you’d think Microsoft is dead in the water, Windows 8 a flop and its Surface computer finished. In […]
What is a firewall? – How it works and what it does
1. What is a firewall A firewall is a network security device located between your internal network and the wider Internet. A firewall monitors incoming and outgoing network traffic – blocking or allowing it based on a set of configurable rules. Firewalls are a fundamental piece of security and typically form the first line of […]