Meltdown and Spectre: The two new security vulnerabilities explained
January 4th, 2018
Various researchers, including Google Project Zero, have today disclosed two critical processor vulnerabilities, named “Meltdown” and “Spectre”.
These vulnerabilities affect laptops and workstations from all major manufacturers including HP, Dell, Microsoft, Apple etc.
Essentially, they allow programs to steal data which is currently processed on a computer. This could include passwords stored in a password manager or a browser, photos, emails, instant messages or documents.
Typically programs cannot read data from other programs. However, a malicious program can exploit Meltdown and Spectre to get hold of information stored in the memory of other running programs.
The implications of these bugs are far-reaching and can affect personal computers, mobile devices and the cloud. The QuoStar team have collated the following information about both hardware bugs for your convenience below.
What is Meltdown?
Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the details of other programs and the operating system.
Every Intel processor which implements out-of-order execution is potentially affected by Meltdown. This means that every processor since 1995 (except Intel Itanium and Intel Atom before 2013) could be vulnerable, which may affect desktop, laptop and cloud computers. It is currently unclear whether Meltdown also affects ARM and AMD processors.
At QuoStar we are continually monitoring the situation and all workstations and servers that we manage are showing as clear of any malicious software. Our monitoring systems will alert us to any potential problems, and we will keep our clients informed of any new information.
However, if your computer does have a vulnerable processor and is running an unpatched operating system, then researchers are recommending not to work with sensitive information due to the potential for data leak.
What is Spectre?
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices into leaking their details.
Spectre affects all desktop, laptops, cloud server and smartphones. Specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. Spectre has been verified on Intel, AMD and ARM processors by researchers.
What should I do?
Unlike usual malware, Meltdown and Spectre are hard to distinguish from regular benign applications. However, your antivirus may detect malware which uses attacks by comparing binaries after they are known.
Microsoft has released a security patch, which we are working to apply to applicable client systems. However, there are some limitations in terms of the compatibility with this patch and some Anti-Virus products. Therefore it may be necessary to wait for Microsoft to release an improved patch before it is applied to all systems. We keep all clients aware of current and future planned patching activity.
There are also patches against Meltdown for Linux and OS X. Furthermore, there is work to harden software against future exploitation of Spectre, respectively to patch software after exploitation.
We recommend to our clients that they update any device which is not managed by QuoStar as soon as practicable.
If you would like to read further information on either vulnerability, researchers have set up a website called Meltdown Attack.
The QuoStar team are here to assist with any Meltdown or Spectre queries or issues, please give us a call on 01202 055400 for further advice.
BYOD – Get that iPad out of the board room (please!)
The BYOD drum seems to be beating in the IT/Business worlds. Here are some of my opinions at this current point-in-time. Please remember that I’m specifically talking about staff bringing in their own ‘personal’ devices into the workplace to access company systems. Where did the Bring Your Own Device (BYOD) trend start? The trend of […]
What is Microsoft Teams? | 7 benefits of Teams for businesses
What is Microsoft Teams? Microsoft Teams is a cloud-based chat and collaboration platform, designed to simplify and streamline communication between employees by offering one centralised place to connect. Instead of relying on clunky email chains, employees can send direct messages to co-workers, set up group chats or organise video, audio and web conferences, all without […]
QuoStar shortlisted for a Cloud World Series award
QuoStar has been shortlisted for a Cloud World Series Award, in the category of “Best Cloud SME Project by a Vendor”. The company, whose operational headquarters are based in Bournemouth, have been nominated alongside big names like Amazon, NetSuite and VMware. The Cloud World Series Awards are a celebration of the drive, innovation and hard work […]