Serious hardware bugs have recently been discovered to exist in almost all modern technology devices. Here’s what you need to know about Meltdown and Spectre.
In early 2018, research revealed that there are fundamental security flaws in nearly every computer chip manufactured in the last 20 years. The variations of these flaws have been named Spectre and Meltdown. These vulnerabilities, if exploited, could allow attackers to gain access to data that was previously considered protected. So far there is no evidence of security breaches due to these flaws; however, such exploits would be difficult to detect. Spectre and Meltdown are so widespread and affect such fundamental components that they are being called catastrophic by security researchers.
what are spectre and meltdown?
Spectre and Meltdown are vulnerabilities that arose due to features that were built in to computer chips to help them run faster. Each works differently and effects different processors.
Spectre utilizes what’s called speculative execution, a function that allows computer chips to process data faster by beginning to work with the data before it is actually told to do so. Imagine a calculator that can give you either a decimal or a percent of the answer to a given calculation, which before you have requested the output format you want has already calculated them both in order to answer faster. Spectre is exploited by sending a program bad data that the program begins to process before it has passed a security check, therefore tricking the program into sending private data. Spectre is hard for attackers to use because it relies on very precise timing. However, it is less understood than Meltdown and much harder to protect against.
Meltdown utilizes caching, a technique that is commonly used to speed up memory access by allotting memory storage within the chip for information that is accessed regularly. A common instance of caching involves regularly accessed websites. Your cache will typically include a version of a websites that you visit often so that it can pull up the page without having to wait for the data to come from the actual page. With Meltdown, attackers can utilize the cache to read memory that they should not have access to using timing and bypassing the hardware barrier that is supposed to exist between applications and protected memory. Meltdown is very dangerous because any application can use it to steal your data, including a script on a web page in your browser, making it easy for attackers to exploit. Luckily, Meltdown is more easily patched, although patches will slow down your device.
what devices are impacted?
These two flaws exist in almost every chip created in the modern computing age and show a vulnerability in code that was supposed to be secure. The impact of this news is significant, both in the IT world and for everyone who uses technology.
Most devices are impacted, everything from consumer devices such as laptops and cellphones to business equipment like servers and workstations. Luckily most of these devices, if they are still supported by the manufacturer, already have had patches deployed to mitigate the issues. Some of these patches are still being tweaked. Notably, Intel released a patch meant to fix the Spectre flaw. However, after reports that this caused computers to reboot, shutdown, and sometimes create the dreaded BSoD (Blue Screen of Death) the patch is no longer recommended and is disabled in Windows computers by Microsoft. Most of these patches cause slowdowns, however updates to the patches have been reducing the slowdowns that were experienced initially.
Cloud infrastructure is also affected by these bugs; however, all the major cloud vendors have patched already. You may find that these patches slow down your performance slightly, but they will keep your infrastructure secure.
Some systems will most likely never receive a patch. Windows XP and other old systems are notable examples. Many low-cost Android phones, those not receiving security updates from Google, are unlikely to receive a patch.
what can I do?
There are a few simple things that users can do to help protect themselves from Meltdown and Spectre. These steps primarily involve making sure that all of your technology is up to date.
Begin by updating the operating system on all of your devices. Check for updates to your OS regularly and make sure that you install updates as soon as they are pushed to your device. Do not manually download updates as this can cause other issues. Keep an eye out for BIOS updates from your PC manufacturer as well.
You also should make sure that your browser is up to date. You are most likely to be attacked via your web browser so be wary of unfamiliar sites and emails from unknown senders. Be especially careful when downloading and opening attachments as this is the primary way that an attacker can gain access to your system.
Users should create a regular backup of important data and store it on a portable hard drive or other form of storage that is not connected to any network devices. As always, make sure that you have an antivirus program running. Although an antivirus will most likely not detect an attack using Meltdown or Spectre, it can help warn you as to potentially malicious downloads. There have been issues with certain antivirus programs that are incompatible with Windows patches so contact your software vendor if you have not received a Windows security update.
These vulnerabilities are serious and widespread, effecting almost every modern computing device. For now, users are advised to keep devices and systems updated and to be especially cautious of any download. Stay tuned for more news as the information around Meltdown and Spectre continues to develop.
ImagIT Solutions specializes in providing comprehensive IT services for channel partners, MSPs, and enterprise-level organizations. Our expansive engineering team is carefully vetted and trained to meet your every IT need. Whether its proactive support, an emergency call, long-term projects, or project management, ImagIT will deliver a solution that is customized to best fit your organization. Interested in learning more about working with ImagIT? Contact us today!