Spectre and Meltdown Explained: A Comprehensive Guide for Professionals

Spectre and Meltdown are serious vulnerabilities that affect processors made by Intel, AMD, and ARM; they’ve affected just about every device you own. Here’s what they are, why they’re dangerous, and how you can protect yourself from the security flaws that are threatening the world’s devices right now.

Meltdown (CVE-2017-5754)

Meltdown is a serious security flaw that affects computers running Intel processors. The flaw could allow an attacker to gain access to sensitive data, such as passwords or confidential files. Thankfully, there are steps you can take to protect your computer from this threat. In order to reduce the risk of exploitation, it’s best to patch all vulnerabilities found in software like Java and Adobe Flash Player. Furthermore, use the latest version of Windows 10 if possible.

Microsoft recently released updates addressing these exploits on newer devices. However, not everyone will be able to receive these updates, which means some people may need to buy new devices with better hardware features. To further reduce the risk of being exploited by malware and attacks related to Spectre and Meltdown exploits, you should update your browsers and applications when prompted or when available.

Finally, it’s important not to open any email attachments from unknown senders because they may contain malware designed specifically for attacking systems vulnerable to Spectre/Meltdown exploits.

CVE-2017-5753 – Bounds Check Bypass

Spectre is a name given to a class of vulnerabilities that can be used to trick a program into giving up sensitive information. The specific vulnerability, CVE-2017-5753, is a bounds check bypass. This means that an attacker can trick a program into reading data outside of the bounds that it should be reading from. This can lead to the disclosure of sensitive information, such as passwords or other confidential data. The flaw lies in the way programs handle objects in memory. If we take this C code for example:

    #include <stdio.h>
    int main(int argc, char **argv) {
        int i = 10; char c = 'A';
        if (i == 0)             /* never true, because i is 10 */
            printf("%s", c);    /* %s expects a char *, but c is a char */
        else
            printf("Bounds Check Bypass");
    }

The output will always be Bounds Check Bypass because the second argument to printf() would have been out of bounds had the comparison on line 4 been true. To avoid this problem, developers need to put checks in place so that values are never allowed to exceed certain boundaries. However, most systems do not contain these checks because they are complex and time consuming – requiring programmers to spend a significant amount of time ensuring security at every level.
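As an added illustration (not code from the original article), the C sketch below goes one step beyond the snippet above: it pairs a bounds-checked table lookup with a version that also clamps the index without a branch, because a processor can run the load speculatively before the check has resolved. The names index_mask, lookup_checked and lookup_hardened and the table contents are hypothetical; the mask is modelled on the Linux kernel's array_index_nospec().

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN 16UL

/* Constructed sample data for this example. */
static const uint8_t table[TABLE_LEN] = {
    3, 1, 4, 1, 5, 9, 2, 6, 5, 3, 5, 8, 9, 7, 9, 3
};

/*
 * Hypothetical helper: all-ones when idx < len, zero otherwise, computed
 * with arithmetic only so there is no branch to mispredict. Assumes
 * len <= LONG_MAX and an arithmetic right shift of negative values
 * (what GCC and Clang implement).
 */
static unsigned long index_mask(unsigned long idx, unsigned long len)
{
#if defined(__GNUC__)
    /* Hide idx from the optimiser so the earlier check cannot fold the mask. */
    __asm__ volatile("" : "+r"(idx));
#endif
    long ok = ~(long)(idx | (len - 1UL - idx));
    return (unsigned long)(ok >> (sizeof(long) * CHAR_BIT - 1));
}

/* Bounds check only: correct results, but the load may still run
 * speculatively with an out-of-range idx if the branch is mispredicted. */
int lookup_checked(unsigned long idx)
{
    if (idx >= TABLE_LEN)
        return -1;
    return table[idx];
}

/* Same check, then the index is forced to 0 whenever it is out of range,
 * so even a speculative load stays inside the table. */
int lookup_hardened(unsigned long idx)
{
    if (idx >= TABLE_LEN)
        return -1;
    idx &= index_mask(idx, TABLE_LEN);
    return table[idx];
}

int main(void)
{
    printf("%d %d\n", lookup_hardened(5), lookup_hardened(16));
    return 0;
}
```

Both functions return the same values for every input; the difference is only in which addresses the processor can touch while the branch is still unresolved.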

CVE-2017-5715 – Rogue Data Cache Load

A local attacker could exploit this to read privileged data across trust boundaries. This may allow the attacker to access sensitive information, such as passwords or cryptographic keys. The problem lies in the way processors handle speculative execution of instructions. If an attacker can cause a target program to speculatively execute an instruction that should not be executed, the attacker may be able to read data that should not be accessible.

This attack is known as a Spectre attack.

Meltdown is a related attack that allows an attacker to read kernel memory from user space. This can be used to read passwords, cryptographic keys, and other sensitive data. The problem lies in the way processors handle out-of-order execution of instructions. If an attacker can cause a target program to speculatively execute an instruction that should not be executed, the attacker may be able to read data that should not be accessible. Attacks involving speculative execution are collectively called Spectre attacks.

The name Meltdown refers specifically to one variant of Spectre attack, namely CVE-2017-5754, which targets CPUs’ out-of-order execution capability and reads arbitrary values from operating system memory locations.

Meltdown exploits processor performance features that were built into it years ago, when circuit dimensions were smaller than they are now; this vulnerability would never have existed if these circuit dimensions had been larger, because part of executing these performance features entails accessing higher-level parts of the computer’s private address space.

Timeline / Conclusion

If you’re like most people, the news of the Spectre and Meltdown vulnerabilities left you feeling a little confused. What exactly are these vulnerabilities? How do they work? And most importantly, what can be done to protect against them?

The following timeline should help clear up some confusion.

December 31, 2022 – The Meltdown vulnerability is first announced by Google Project Zero’s Jann Horn. It is related to speculative execution and could allow an attacker access to unauthorized data stored in memory, including passwords or personal photos in cases where it is cached from the web browser on local storage.

Speculative execution refers to a process that predicts which instructions will be needed ahead of time (because this lets the processor execute those instructions more quickly) but does not always hit the mark. In the case of Meltdown, rogue code in the system might be able to detect which cache line was accessed and read any information found there before the system has finished accessing it.

In response to Meltdown, operating systems were updated with new security features such as Kernel Page Table Isolation (KPTI).

March 2nd, 2022 – The Spectre vulnerability is also publicized by Google Project Zero’s Jann Horn. As stated earlier, this flaw impacts CPUs and could lead to information leaks.
