The Meltdown and Spectre processor vulnerabilities have affected nearly every modern processor from Intel, AMD, and ARM. Discovered by the Google Project Zero team, the vulnerabilities allow Reading privileged memory with a side-channel. It means it can read personal data, passwords and other critical data from arbitrary kernel-memory locations. The hardware bugs would allow a malicious program to read the memory of other running programs – even in browsers, and password managers. The bugs can affect the device security of desktops, laptops, smartphones and cloud servers.
The Meltdown Security Flaw
Meltdown exploits “side effects of out-of-order execution” on modern processors. It reads arbitrary kernel-memory locations such as personal data and passwords. However, the out-of-order execution is an essential feature needed in modern processors. The attack is OS independent, and also does not depend on any software vulnerabilities. Even without any permissions or privileges, Meltdown allows an attacker to read the memory of other processes or virtual machines in the cloud. Hence, this flaw virtually affects device security of every computer user.
The Spectre Security Flaw
Exploiting this flaw, attackers can induce a victim to perform operations that would not occur during correct program execution. This would then leak confidential information of the victim.
Flaw Discovery
The Project Zero team reports: “We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.
Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, we have exploits that work against real software.”
Intel Issues Updates
On 1st June 2017, the Google Project Zero team had alerted this vulnerability issue to Intel, AMD and ARM. Since then, Intel and its partners have issued and deployed updates in the form of firmware updates and software patches to ensure device security. Intel reports that it has issued updates to over 90% of its processor products that it had released over the past 5 years.
OS Vendors, Device Manufacturers Release Updates
Additionally, operating system vendors such as Microsoft and Apple, device manufacturers, public cloud service providers, and others have released device security updates for their products and services.
Microsoft
Microsoft has rolled out security patches, however, the updates were not compatible with some antivirus solutions – it even led to the Blue Screen of Death (BSOD). Microsoft has requested antivirus vendors to update their software to make it compatible with the security updates.
Apple
Apple has revealed that all iOS and Mac systems are vulnerable to Meltdown and Spectre, and it has released iOS 11.2, macOS 10.13.2, and tvOS 11.2 that provide protection against these vulnerabilities.
How to protect from Meltdown And Spectre
1.Updates
Computer users worldwide must immediately update their operating systems and other computer (device) software. Even if automatic updates has been set up, immediately perform a manual update, and ensure that your systems are up-to-date. Do check if any other updates are available.
- Ensure updates for your:
- operating system
- software applications
- firmware
2. Browser Update
Browsers such as Google Chrome and Mozilla Firefox have released updates, hence manually ensure that your browser is updated
- Ensure automatic updates for your browsers
- Manually update your browsers
- Manually check for available updates
3.Google Chrome Site Isolation feature
This month (January 2018), Google Chrome is expected to release version 64 with additional security features to tackle vulnerability issues such Meltdown, Spectre and others. In version 63, Chrome has a Site Isolation feature that ensures that each website uses a separate instance of Chrome. This is to prevent a malicious site from infecting or accessing data from other websites. The “Site Isolation” feature is presently an experimental feature being tried out by Chrome.
4.Countermeasure KAISER
In operating systems, in order to prevent side-channel attacks targeting KASLR, a countermeasure named KAISER had been developed. The Google Project Zero team found that KAISER inadvertently protects against Meltdown, and hence recommends immediate deployment of KAISER on all operating systems. The patches rolled out by Windows, Linux, and OS X are expected to have this countermeasure.