If the ongoing threat of malicious codes prowling all around to exploit the security vulnerabilities of computer systems was not enough, there comes the news of systems having fundamental flaws at the kernel level. The scary part is that these flaws christened Meltdown and Spectre are present in systems (read micro processors) that were manufactured in the last twenty odd years (1995 onwards). Simply put! Arguably most of the systems used around the world if not all. So, what do these flaws mean to you and me or how can they impact us? Let us find out.
Meltdown and Spectre
These are two critical vulnerabilities that had crept into the processors, mostly of Intel origin but also found in AMD and ARM ones, as a result of features that were built into the chips to help them run faster. These vulnerabilities were identified and brought to the fore by independent researchers. Since the time these discoveries were made, software companies have released patches to mitigate the problem but some of the patches seem to have affected the system’s performance by slowing it down.
In a nutshell, these two vulnerabilities are basically three versions of the same underlying flaw and deals with the isolation between different applications. Technically, these have been referred to by their CVE numbers, an acronym for Common Vulnerabilities and Exposures program developed by MITRE, a non profit organisation funded by the US federal government to identify and collate system vulnerabilities in a ‘free dictionary’ for organisations to take cognizance of and improve their security framework. The CVE number or the officialspeak for Meltdown is CVE-2017-5754 whereas it is CVE-2017-5753 & CVE-2017-5715 for Spectre.
How Does Meltdown Work?
The vulnerability exploits a feature of the processors called ‘speculative execution’, wherein the system second guesses or speculates about the next move of the user. This is purportedly done to cut the response time and speed up processing. However, while the system lines up such speculative moves of the user, it allows the entry of certain isolated data as well. This is where a malware can get into the system disguised as an isolated data and steal information from the memory and other programs. The name ‘Meltdown’ has been given as the bug can melt securities surrounding the isolated programs.
How Does Spectre Work?
The information that is needed frequently by the processor is mostly kept in the cache memory for faster access. Spectre can get hold of the information stored in the cache memory and in turn break the isolation between different applications. Derived from the process named ‘Speculative Execution’, this bug is difficult to identify and can trick programs into sharing their ‘secrets’.
How can These Bugs Impact Us?
Due to the presence of such vulnerabilities, any malicious program or malware can exploit these to get sensitive pieces of information from other programs that are stored in a system’s memory like passwords, classified business information etc. Importantly, these bugs can impact any computer, mobile, notebook or even cloud.
What is the Remedy?
Users should update their systems through patches released by various software companies. Also, approach experts like Hex64 and carry out mitigate meltdown auditing process to identify the inherent risks in your system(s).
The threat from Meltdown and Spectre will not go anytime soon. The best way forward is to update your systems and plug the existing loopholes by identifying them through threat analysis.