Details emerged this week on two major processor security flaws, leaving firms scrambling to issue fixes and secure machines for customers.

‘Meltdown’ and ‘Spectre’ are described as “side channel” attacks that allow attackers to steal passwords, customer data, and more stored in the memory of programs running on a victim’s machine.

These security flaws work across PCs, mobile devices, and, alarmingly, the cloud. The latter scenario has the security community particularly worried, as it could theoretically allow an attacker in a guest VM to steal data from other customers’ VMs on the same public cloud server.

The Meltdown flaw relates to CVE-2017-5754, a bug that “melts” the security boundaries normally enforced at the chip level to allow normal applications to read the contents of private kernel memory. Unfortunately, this flaw impacts nearly every Intel processor that implements “out-of-order execution”, essentially every processor since 1995.

The vulnerability allows an attacker to compromise privileged memory of a processor by exploiting the way processes run in parallel. It also allows the attacker to use JavaScript code running in a browser to access memory in the attacker’s process, which could contain keystrokes, passwords, and other valuable information. Patches are currently available for Linux, Windows, and OS X to mitigate Meltdown.

Among cloud providers, those using Intel CPUs and Xen PV for virtualization are affected, since those rely on containers sharing one kernel, such as Docker, LXC, and OpenVZ.

Researchers explain Meltdown as, “Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory.”

Spectre is arguably the more dangerous of the two, as it’s still largely unknown and is harder to mitigate; however, it has been described by security researchers as more difficult to exploit. The flaw relates to the bounds check bypass bug CVE-2017-5753 and the branch target injection flaw CVE-2017-5715, and affects Intel, Arm and AMD chips in “almost every system” in the desktop, laptop, cloud server, and mobile device space.

Researchers describe Spectre as, “Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.”

To date, there are no known effective fixes for Spectre, but work is currently being done to patch software after exploitation through Spectre.

US-CERT claims the only way to fix these issues for certain is to replace the CPU hardware altogether, but that’s not an option until more secure chips are developed. Researchers also claim that these patches may cause systems to slow down significantly, but many don’t have a choice but to patch the security flaw.
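To confirm what a patched Linux host actually reports for the three CVEs named above, the following added example (not code from the article or from any vendor) reads the per-flaw status files that patched kernels expose under /sys/devices/system/cpu/vulnerabilities. The function names and the exit-code convention are assumptions made for illustration, and a missing file is treated as "unknown" because older kernels do not provide this interface.

```python
import sys
from pathlib import Path

# Linux sysfs directory where patched kernels report CPU flaw status
# (assumption: kernel new enough to expose it; absent on older kernels).
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

# sysfs file name -> CVE named in the article
CVE_FILES = {
    "meltdown": "CVE-2017-5754",
    "spectre_v1": "CVE-2017-5753",
    "spectre_v2": "CVE-2017-5715",
}


def classify(status):
    """Map a raw sysfs status line to a coarse state."""
    text = status.strip().lower()
    if text.startswith("not affected"):
        return "not_affected"
    if text.startswith("mitigation"):
        return "mitigated"
    if text.startswith("vulnerable"):
        return "vulnerable"
    return "unknown"


def audit(base_dir=SYSFS_DIR):
    """Return {cve: (state, raw_status)} for each flaw in CVE_FILES."""
    report = {}
    for name, cve in CVE_FILES.items():
        try:
            raw = (Path(base_dir) / name).read_text().strip()
        except OSError:
            # Missing file: kernel predates the reporting interface.
            raw = ""
        report[cve] = (classify(raw), raw or "no status file")
    return report


def needs_attention(report):
    """CVEs the kernel does not report as mitigated or not affected."""
    return sorted(c for c, (state, _) in report.items()
                  if state in ("vulnerable", "unknown"))


if __name__ == "__main__":
    result = audit()
    for cve, (state, raw) in sorted(result.items()):
        print(f"{cve}: {state} ({raw})")
    # Non-zero exit lets a config-management job flag the host.
    sys.exit(1 if needs_attention(result) else 0)
```

The status reflects only what the running kernel reports about itself; microcode, hypervisor and browser updates have to be tracked separately.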


Read the article on InfoSecurity Magazine


