NopSec.com uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites, NopSec.com’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to NopSec.com, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.

Acknowledge

Just in Time Bulletin: Meltdown and Spectre

Sep 02, 2021

What are Meltdown and Spectre?

Three critical vulnerabilities were recently identified by independent teams of security researchers. The three vulnerabilities, collectively dubbed Meltdown and Spectre, impact all Intel CPUs built in the last 15 or so years – which is quite a significant number of devices. These two vulnerabilities enable a malicious user land application to read the protected kernel memory of other processes (Meltdown) and applications (Spectre). This could include things like passwords, personal documents, and credit card data.

Who is affected by this?

Almost everyone. Meltdown exclusively impacts Intel processors. So, if you have an Intel CPU you’re impacted. Spectre on the other hand impacts Intel, AMD, and ARM processors. Combined, the list of vulnerable devices includes PCs, Macs, Android and iOS devices, baby monitors, your microwave (probably) – all of which run a vulnerable CPU.

How are they exploited?

Exploitation occurs through the execution of malicious untrusted applications. Proof of concept JavaScript code has been released for Linux. This means that all a victim has to do is visit the wrong website. Spectre is a more difficult vulnerability to exploit, and to this point no proof of concept code has been seen in the wild.

What do they do?

The vulnerabilities enable an attacker to defeat the barriers between the memory space of user-land (normal) processes and kernel process. This effectively enables a malicious application to read portions of kernel memory, which often contains data prior to being encrypted, processed, and sent to a socket.

How do I protect myself?

Update your software! Microsoft, Apple, Google, and other vendors have released patches to mitigate the risk Meltdown. If an update is available for your platform, install it. Intel has also announced that 90% of the CPUs released within the last 5 years will have a patch available by next week, which should mitigate the impact of Spectre.

Outside of software updates, use sound fundamental security principles when accessing the Internet. Avoid downloading an executing files from untrusted sources, and avoid visiting unknown sites.

Additional Resources: