Two major vulnerabilities in microprocessors have recently been detected and uncovered by researchers of cyber security. Known as ‘Meltdown’ and ‘Spectre’, these have caused an urgency among the industry to patch and repair the vulnerabilities in products.
These vulnerabilities can provide a way for hackers to penetrate and infect a great amount of world’s computer microprocessors.
Meltdown and Spectre
According to cybertech experts, Meltdown is an attack which discloses the target processor’s physical memory by microarchitectural hack, exploiting executions that are out of order.
It uses conjectural executions to crack the isolation between operating systems and user applications. This allows any application the authority to access the entire system’s memory including the memory that has been assigned to the kernel. Meltdowns can harm almost all cloud computers, desktops and laptops .
On the other hand, Spectre uses native codes to break isolation limits between applications. Browser sandboxing can also be infected by this attack by mounting them through portable Java Script ciphers.
Nearly all systems that have been mechanized by Intel, ARM and AMD chips are
is prone to be corrupted by this vulnerability, according to researchers.
What To Do?
Mitigations and security patches have been worked on by experts and are available for the users to protect against both or at least one of these vulnerabilities.
Patches have been released by kernel developers of Linux by instrumenting KPTI (Kernel page table Isolation). This works by moving the kernel to a completely different address space.
A Windows 10 patch update has been released by Microsoft to prevent the hack. Patches for older versions of Windows would be released on January 9th.
The previous patch by Apple MacOS High Sierra 10.13.2 will be enhanced after the release of MacOS 10.13.3.
Security patches for Nexus/Pixel have been released by Google.
Chrome users can mitigate these bugs by turning on the Site Isolation feature.
- Go to the url chrome://flags/#enable-site-per-process
- Enable the Strict Site Isolation option.
A patch called KAISER, is being widely applied as mitigation for Meltdowns, but does no good to prevent Spectre attack. Keep checking this space for more information on Meltdown and Spectre.