• info@testbytes.net
  • +91 811 386 5000
whatsapp

Meltdown and Spectre: 2 CPU Security Bugs You Need to Know About

meltdown and spectre CPU security bugs featured image

Being a cyber security term, vulnerability refers to the flaws seen in a system which further make ways for hackers and malware. At the beginning of 2018, the IT industry is already scrambling to patch up with the major security vulnerabilities that have affected almost all computers in the world.

app testing

The two flaws naming- Spectre & Meltdown was found by the security researchers at the Project Zero at Google. The vulnerabilities could allow leaking of information from mis-speculated execution which further leads to arbitrary virtual memory across various local security boundaries. Vulnerabilities in this particular issue are affecting numerous modern processors including AMD, ARM, Intel, and Apple.

Meltdown and Spectre- Security Bugs

According to the researchers Meltdown (CVE-2017-5754) is considered to be one of the worst CPU bug found till date. This bug is primarily thought to affect Intel processors manufactures since 1995. Meltdown allows the hacker to get through the hardware barrier seen between the users and the core memory of the PC.

Features:

  • Discovered by Jann Horn, a security analyst at the Google Project Zero
  • Allows low privileged processes to gain access to high privileged kernal processes to steal system memory
  • In modern processors, it used the side channel informations
  • Till now, has only affected the Intel processors
  • Makes fundamental processes fundamentally unreliable

In the case of Spectre, the vulnerability is more widespread and seen affecting modern processors from AMD, Intel and even the ARM chips on mobile devices. This is considered to be more likely a much serious issue as it requires redesign of the processors to fix the problem in future hardware generations.

Features:

  • Discovered by Mr. Horn and Mr. Kocher, in coordination with Mike Hamburg, Mr. Lipp and Yuval Yarom at Google
  • Hardware vulnerability with speculative execution that affect modern processors
  • Much deeper and is hard to patch
  • Consist of 2 common ID’s- CVE-2017-5753, CVE-2017-5715
  • It centres on Brand prediction which is a part of speculative execution
  • It is more generalized as it does not rely on a single processors memory management

Both these vulnerabilities can be used by attackers to steal and spy on secure data like encryption keys, passwords etc. which are seen on the cache memory and also can access the recently processed data in the system.

Part of Computer That is at Risk

The issues related to Meltdown and Spectre exist within the CPU of Windows, Android, Linux, iOS, macOS, Chromebooks and several other operating systems. A computer generally consist of huge amount of data and the core part of a computer’s operating system known as the kernel, handles the data synchronising process.

When data is in the cache, it is managed by the processor and, it is at this point that new vulnerabilities come into effect. Meltdown grabs information by simply snooping to the memory used by the kernel. And in the case of Spectre, it makes programs to perform unwanted operations which in-turn leaks data, that needs to stay confidential.

Both attacks exploit “speculative execution”, which prepares the results of a set of instructions to a chip. These results are then placed in one of the fastest bits of memory on the PC chip. Unfortunately, this can further manipulate the system bit by bit, therefore allowing the hacker to retrieve confidential data from a computer’s memory.

How is a Computer Targeted?

A hacker tries some kind of codes on a user’s computer in order to try exploit using Meltdown  & Spectre. This can be avoided by the following steps:

  • Blocking ads, browser scripts and page trackers
  • Use Chrome’s ‘site isolation feature

Steps Issued Against the Major CPU Flaw:

Practically every computing devices including laptops, smart phones and even cloud computing systems are affected by these two CPU bugs. Every major technology companies have started working against Meltdown and Spectre to protect themselves and their customers.

testbytes-mobile-app-testing-banner

  • Apple points out that it is already affected by these two CPU bugs and the company advised customers to update their device’s operating system and to only download apps from the App Store
  • Microsoft has released updates and installing the new patches can protect devices from the vulnerabilities
  • Intel has rolled out security patches and firmware updates to protect against Meltdown and Spectre. ARM is working with AMD AND
  • Microsoft, Mozilla and Google have issued patches for these browsers as the first step to defence
  • Google says that it will roll out a patch for Chrome 64
  • Chrome OS devices are patched with Kernel Page Table Isolation in Chrome OS 63 and above
  • The service provider Amazon is working to patch the servers used in their data centres

On the whole, companies and individuals should apply available security updates before the problem gets worse.

Conclusion

There is not much that can be done to resolve this issue but it can be avoided in future by redesigning processors so that attacks becomes impossible. Processors, devices, drives, operating system and numerous other have evolved optimizations for security security risks. As the security problems rise in IT industry, the choices needs to be reconsidered and in many cases new implementations are necessary.

Testbytes