New Vulnerabilities Spectre and Meltdown by Don Rudolph

Posted by Don Rudolph on Jan 8, 2018 2:12:29 PM

Spectre and MeltdownNew vulnerabilities Spectre and Meltdown.jpgTwo new and related security vulnerabilities called “Spectre” and “Meltdown” are significant because they affect computing platforms with Intel, AMD, or ARM central processing units (CPU’s). This includes Mac, Windows, Linux, Android and other platforms. These vulnerabilities take advantage of the ability to extract information from instructions that have been executed on a CPU using the CPU cache as a side-channel.

The impact if exploited is that an attack would allow reading of memory and data leaks that can result in privilege escalation, disclosure of sensitive information, or weaken security protections. From US Government:

“To execute code locally, an attacker would require a valid account or independent compromise of the target. Attacks using JavaScript in web browsers are possible. Multi-user and multi-tenant systems (including virtualized and cloud environments) likely face the greatest risk. Systems used to browse arbitrary web sites are also at risk. Single-user systems that do not readily provide a way for attackers to execute code locally face significantly lower risk.”

The solution is to apply patches from appropriate OS vendors such as Microsoft, Apple, and Google. Unfortunately, these patches may degrade system performance by as much as 30% for some processes. In addition, organizations with cloud infrastructure should work with their Cloud Service Provider (CSP) to patch systems and mitigate service and performance impacts resulting from host OS patching and reboots.

More information at the links below:

PC World

CNET

CERT

Don Rudolph | CISO/Sr. Consultant

don.rudolph@ncanet.com | www.ncanet.com
| Direct. 425 452 5194 |
Network Computing Architects| 330 120th Avenue NE Ste. 210| Bellevue, WA 98005