Meltdown and Spectre Vulnerability

Meltdown and Spectre


Meltdown and Spectre are two vulnerabilities in modern computers and smartphones that leak passwords and sensitive data and allow malware to access sensitive data without privileges.

If you are not aware of malware then check out my video series on malware. The link is available in the description down below.

The Meltdown and Spectre CPU bugs are found in modern and old CPUs designed by Intel, ARM, and AMD. They are hardware vulnerabilities that allow programs to steal user data currently being processed on a computer. Programs are generally not permitted to read data from other programs, but a malicious program can exploit Meltdown and Spectre to fetch sensitive data stored in the memory of other running programs. This potentially puts a wide variety of sensitive information at risk, such as stored passwords, crypto keys, and files.

The Meltdown and Spectre vulnerabilities have been verified on personal computers, mobile devices, and most cloud computing platforms, so all are affected.

Now, let's talk about them separately.

What is Meltdown?

Rogue data cache load — CVE-2017-575

This vulnerability melts down the security boundaries that are normally enforced by the hardware, and lets an unprivileged user process read the contents of private kernel memory.

Meltdown fundamentally breaks the memory isolation boundaries. This attack allows a program to access the system memory, along with other important data and other aspects of a program.
If your computer has a vulnerable processor and runs an operating system that is outdated or has not been updated for quite some time, it is not safe to work with sensitive information, because that information may leak. This attack is still limited to personal desktop computers, laptops, and cloud infrastructure.

In technical terms, every Intel processor that implements out-of-order execution is potentially affected. Out-of-order execution is a technique that keeps the CPU's processing units busy so that the CPU does not sit idle. This covers Intel processors since 1995, except Intel Itanium and the Atom family earlier than 2013. Google's Project Zero team successfully tested and identified Meltdown on Intel processor generations released as early as 2011.

According to current reports, the team has only verified Meltdown on Intel processors. Right now, it is unclear whether AMD processors are also affected by Meltdown. According to ARM, some of their processors are also affected.

What is Spectre?

Variant 1: bounds check bypass — CVE-2017-5753
Variant 2: branch target injection — CVE-2017-571

Spectre extracts information from other running processes (for example, stealing login cookies from browsers).
The name is based on the root cause, speculative execution. Spectre is not easy to fix, so it will affect us for quite a long time. This attack exploits a CPU technique called branch prediction.


In branch prediction, a misprediction sometimes takes place, which leaves data behind in cache memory for attackers. That cache memory is then accessed by a hacker using a side-channel attack. I will soon upload a video on the side-channel attack, so make sure you have subscribed and clicked the bell icon to get more updates on time.

So, if your sensitive data is left behind during a misprediction, you will be screwed. In response, Intel officially announced that it will completely redesign its processors. Spectre is harder to exploit than Meltdown, but it is also harder to mitigate. However, it is possible to prevent Spectre attacks to an extent.

Almost every system is affected by Spectre: desktops, laptops, cloud servers, and smartphones. In particular, the team and associates verified Spectre on Intel, AMD, and ARM processors.
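One software mitigation for Variant 1 (bounds check bypass), shown as an added example that is not from the original post: the index is clamped with a branch-free mask, the same idea as the Linux kernel's `array_index_nospec()`. The table, its contents and the function names are made up for illustration, and the inline `asm` barrier assumes GCC or Clang.

```c
#include <stdint.h>
#include <stdio.h>

#define TABLE_LEN 16UL
static const uint8_t table[TABLE_LEN] = {      /* constructed sample data */
    10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
};

/* Unhardened form: architecturally correct, but the CPU may predict the
 * branch as taken and run the load with an out-of-range idx before the
 * comparison has resolved. */
uint8_t read_checked(unsigned long idx)
{
    if (idx < TABLE_LEN)
        return table[idx];
    return 0;
}

/* All-ones when idx < size, zero otherwise, computed without a branch.
 * Assumes size <= LONG_MAX and an arithmetic right shift of negative
 * values (true for GCC and Clang). The empty asm hides idx from the
 * optimizer so the mask is not folded away inside the bounds check. */
unsigned long index_mask(unsigned long idx, unsigned long size)
{
    __asm__ volatile("" : "+r"(idx));
    return (unsigned long)(~(long)(idx | (size - 1UL - idx))
                           >> (sizeof(long) * 8 - 1));
}

/* Hardened form: the index is clamped by data flow, not control flow, so
 * even under a mispredicted branch the load can only touch table[0]. */
uint8_t read_nospec(unsigned long idx)
{
    if (idx < TABLE_LEN) {
        idx &= index_mask(idx, TABLE_LEN);
        return table[idx];
    }
    return 0;
}

int main(void)
{
    printf("in range : %d %d\n", read_checked(3), read_nospec(3));
    printf("too large: %d %d\n", read_checked(99), read_nospec(99));
    return 0;
}
```

Both functions return the same values; the difference is only in what the processor can load while it is still guessing the outcome of the bounds check.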

Which cloud providers are affected by Meltdown?

Cloud providers that use Intel CPUs and virtualization without having patches applied are affected. Furthermore, cloud providers without real hardware virtualization, relying on containers that share one kernel, such as Docker, LXC, or OpenVZ, are affected.

What is the difference between Meltdown and Spectre?

Meltdown breaks the mechanism of memory isolation. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain information from the accessed memory location.

Thanks to God, patches are available to create obstacles. The Meltdown issue is fixed as of now, but Spectre is not; companies are just trying to make devices harder to hack. Companies have been working on it for quite a long time, but they have been unable to find a proper fix.


Whether you are technical or not, if you use a smartphone, desktop PC, or laptop, remember one thing: update your devices as soon as patches are available from vendors. If you have not yet updated your operating system and installed security patches, I suggest you upgrade now.
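To see whether a Linux machine has actually picked up the patches, the kernel reports the state of each bug under `/sys/devices/system/cpu/vulnerabilities`. The following is an added example, not code from the original post, that reads the `meltdown`, `spectre_v1` and `spectre_v2` entries; the enum and function names are made up for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Directory where a patched Linux kernel publishes one status file per bug. */
#define VULN_DIR "/sys/devices/system/cpu/vulnerabilities"

enum vuln_state { VS_UNKNOWN, VS_NOT_AFFECTED, VS_MITIGATED, VS_VULNERABLE };

/* The kernel's status line begins with "Not affected", "Mitigation: ..."
 * or "Vulnerable"; anything else is reported as unknown. */
enum vuln_state classify_status(const char *line)
{
    if (strncmp(line, "Not affected", 12) == 0) return VS_NOT_AFFECTED;
    if (strncmp(line, "Mitigation", 10) == 0)   return VS_MITIGATED;
    if (strncmp(line, "Vulnerable", 10) == 0)   return VS_VULNERABLE;
    return VS_UNKNOWN;
}

/* Read <dir>/<name>; a missing file (old kernel, non-Linux) is unknown. */
enum vuln_state read_vuln_state(const char *dir, const char *name)
{
    char path[512], line[256];
    enum vuln_state state = VS_UNKNOWN;
    FILE *f;

    snprintf(path, sizeof path, "%s/%s", dir, name);
    f = fopen(path, "r");
    if (f == NULL)
        return VS_UNKNOWN;
    if (fgets(line, sizeof line, f) != NULL)
        state = classify_status(line);
    fclose(f);
    return state;
}

int main(void)
{
    static const char *names[] = { "meltdown", "spectre_v1", "spectre_v2" };
    static const char *label[] = { "unknown", "not affected", "mitigated", "VULNERABLE" };
    int needs_attention = 0;

    for (size_t i = 0; i < 3; i++) {
        enum vuln_state s = read_vuln_state(VULN_DIR, names[i]);
        printf("%-10s %s\n", names[i], label[s]);
        needs_attention |= (s == VS_VULNERABLE || s == VS_UNKNOWN);
    }
    return needs_attention;   /* non-zero exit: patch or investigate */
}
```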
