Last week’s security announcements about vulnerabilities in modern chips have implications across every industry. These vulnerabilities, branded Meltdown and Spectre, represent fundamental problems with CPU architecture design. Together, the two affect CPUs in all types of systems, from mobile phones, tablets, laptops, desktops, and servers to routers, firewalls, switches, wireless equipment, printers, NAS, SAN, and IoT devices.

While these revelations raise further questions about the future of processor construction, we’ll focus today on what the vulnerabilities are and how to protect your businesses and devices.


Meltdown

Meltdown is applicable to virtually every Intel chip. Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, potentially malicious applications can access system memory and read sensitive data such as passwords or PII, according to the researchers who discovered the flaws. Meltdown dupes other applications into accessing random locations in their memory. Meltdown mainly affects Windows, Mac, and Linux systems.


Spectre

Spectre is applicable to chips from Intel, AMD, and ARM, and probably every other processor on the market that offers speculative execution. Spectre breaks the segregation between different applications. It allows an attacker to trick programs that might otherwise be following best practices into leaking their secrets. Ironically, the safety checks of said best practices increase the attack surface and may make applications more susceptible to Spectre. Spectre can be exploited via JavaScript in your browser, so being careful about which websites you visit is important. All major browsers have patches coming to protect you from this. IPS vendors have come up with ways to detect and kill packets that attempt to exploit Spectre. Check with your vendors for updated rules for IPS and IDS systems.


How to Protect Yourself

The good news is that Apple, Google, and Microsoft have released updates to protect their systems from Meltdown. Updates for Spectre are expected in the coming weeks from the same vendors, along with Cisco, Qualcomm, D-Link, DellEMC, Red Hat, Canonical, and many others.

Check with your vendors for their latest security patches for the fixes that will protect you and your data from this type of attack.

Microsoft has reported in an alert that neither patch will be installed so long as a device is running an incompatible version of antivirus software, so also check with your antivirus vendor for updates.
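Once vendor patches are installed on a Linux system, the kernel's own status files show whether the Meltdown and Spectre mitigations are active. The script below is an added example, not part of the original article; it assumes a kernel that exposes `/sys/devices/system/cpu/vulnerabilities`, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: read the kernel's self-reported Meltdown/Spectre status.
# Assumption: the kernel exposes /sys/devices/system/cpu/vulnerabilities;
# kernels that predate this interface have no such directory.

# classify_status STRING
# Prints one of: not_affected, mitigated, vulnerable, unknown.
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# audit_cpu_vulns [DIR]
# Prints one line per issue (name, verdict, raw kernel text).
# Returns 1 if any issue is vulnerable or its state cannot be determined,
# so the function can gate a compliance check or a monitoring probe.
audit_cpu_vulns() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    rc=0
    for name in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$name" ]; then
            raw=$(cat "$dir/$name")
            verdict=$(classify_status "$raw")
        else
            # A missing file usually means an unpatched or very old kernel.
            raw="(no status file; kernel may predate the interface)"
            verdict=unknown
        fi
        printf '%-11s %-12s %s\n' "$name" "$verdict" "$raw"
        case "$verdict" in
            vulnerable|unknown) rc=1 ;;
        esac
    done
    return $rc
}
```

Source the file and run `audit_cpu_vulns` with no argument to check the live system; a non-zero return means at least one issue is unmitigated or unreported.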


Further Reading

https://meltdownattack.com/
https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/
https://www.bankinfosecurity.com/serious-meltdown-spectre-flaws-make-cpus-exploitable-a-10557
https://www.react-etc.net/entry/exploiting-speculative-execution-meltdown-spectre-via-javascript