What is MeltDown and Spectre Attack?
Meltdown and Spectre are viruses which exploit critical vulnerabilities in modern processors like Intel I*86 microprocessor, IBM power processor and some ARM based processors and allow the stealing of data from servers and desktops to tablets and Smartphones.
Despite depriving one program the authority to read the data from another program, Meltdown and Spectre are specially designed to access the memory locations of other running programs and retrieve sensitive information. This information might include your passwords, your personal photos, emails, instant messages and even business-critical documents.
What is Meltdown?
Meltdown, designated as CVE-2017-5754, breaks the most fundamental isolation between user applications and the operating system. This enables hackers to gain access to parts of a computer’s memory used by an application/ program and the operating system (OS).
Processors running on unpatched Operating system are prone to such vulnerabilities. This applies both to personal computers as well as cloud infrastructure.
Desktop, Laptop, and Cloud computers may be affected by Meltdown. This includes all Intel processors and some ARM processors are also impacted.
What is Spectre?
Spectre, designated as CVE-2017-5753 and CVE-2017-5715, breaks the isolation between different applications. It tricks other applications into accessing arbitrary locations in their memory. This allows attackers to steal information such as credentials (passwords, username etc) leaked in the kernel/ cached files stored in the memory of running programs.
Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. All modern processors including Intel, AMD, and ARM processors are victims of this attack.
How do Meltdown and Spectre attacks work?
Spectre and Meltdown work on Side Channel attack. To understand this phenomenon we first need to be acquainted with these two terms, Speculative execution and caching.
Speculative execution essentially involves a chip attempting to predict the future in order to work faster. In this execution the chip works on the logic of a program to generate all possible outcomes to keep them handy when needed.
Caching is the process to speed up memory access. This memory gets filled with data that is relevant or that will be required next by the chip Also, The Data pointing to the output by speculative execution is often stored in cache. Hence, this makes speculative execution a speed booster.
Meltdown and Spectre work on Side Channel attack where caching and speculative execution start grappling with protected memory. Because of the way computer memory works, just knowing the addresses where data is stored can help you deduce what the data is.
Why are Spectre and Meltdown dangerous?
Spectre and Meltdown both open up possibilities for dangerous attacks. Web Browser could be tricked by Spectre into revealing sensitive information like username and password.
Attackers could exploit Meltdown to view data owned by other users and even other virtual servers hosted on the same hardware, which is potentially disastrous for cloud computing hosts.
Workaround/Fixes against this malware attack
While possible in theory, but difficult in practice, unlike usual malware, Meltdown and Spectre are hard to distinguish from regular benign applications.
However, there are patches against Meltdown and Spectre for Linux (KPTI (formerly KAISER)), Windows.
So it is advised to upgrade the processor, OS to the latest versions to save your system from the assault of this malicious malware.
Threat Summary
- Name: Meltdown and Spectre
- Browsers Affected: Google Chrome, Internet Explorer, Mozilla Firefox, Safari
- Targeted Operating System: Windows , MAC, Android, iOS
- Category: Virus
- Symptoms: Meltdown and Spectre operate silently in the background. The virus impacts system performance and render it slow.
Steps to be followed to prohibit the entry of Meltdown and Spectre virus in the system
Step A: Update your system software
Windows 7
- Click on the Windows icon present in the bottom left corner of the task bar to open up the Start menu.
- Click on the ‘Control Panel’ button in the Start menu. This will open the control panel dialog box.
- In the Control Panel dialog box click on the ‘View by:’ dropdown at the top right corner of the dialog box and Select the Large Icons
- Click on”Windows Update” link.
- After Windows Update opens, click “Check for Updates” button.
- Once Windows finishes checking for updates, click the “Install now” button.
- When the updates have finished installing, restart your computer (if prompted).
Windows 10
- Click on the Search Box and type “Update” (you can also press Windows key + Q to bring up the search bar needed. This shortcut will launch the search function on your system). Windows Update Settings should appear in the results list. Click on it to launch the program.
- Check for the Update Status. If Windows Update says your device is up to date, you have all the updates that are currently available. For more info about updates, click on View installed update history.
- Once the system software are updated click on Restart Now button to install the Updated software.
Step B: Protect your system with Windows Defender
Windows 7
- Click on the Windows icon present in the bottom left corner of the task bar to open up the Start menu.
- Click on the ‘Control Panel’ button in the Start menu. This will open the control panel dialog box.
- In the Control Panel dialog box click on the ‘View by:’ dropdown at the top right corner of the dialog box and Select the Large Icons
- Click on the Windows Defender icon. This will open the windows defender dialog box.
- Click on ‘Check for updates now’ button. It will check for Updated definitions before scanning the system.
- Once the Defender is updated click on Scan Now button.
- This will take some time to scan the system for threats.
- Once the scanning is complete and no threats are found you will be notified with a message ‘No unwanted or harmful software detected’ in a Green Bar.
- If threats are found, you are recommended to use an antivirus to keep your system risk free.
Windows 10
- Click on the Search Box and type “Defender” (you can also press Windows key + Q to bring up the search bar needed. This shortcut will launch the search function on your system). Windows Defender Settings should appear in the results list. Click on it to launch the program.
- In the Defender window click on Open Windows Defender Security Center button. This will launch Windows Defender Security Center window.
- Click on Virus & Threat Protection icon, from the Windows Defender Security Center window.
- In the Virus and Threat Window that appears click on Quick scan button. This will scan the system for Virus and other threats.
- System scan will take some time. Once the scanning is complete and no threats are found you will be notified with a message pop up at the bottom right corner of the window, ‘No threats were found’.
- If threats are found, you are recommended to use an antivirus to keep your system risk free
How to protect your PC against Meltdown and Spectre CPU flaws?
- Keeping the Operating System Updated- In order to remain protected and avoid such infections, it is recommended to keep your Operating System updated by enabling the automatic update on your system. The systems with outdated or older versions of Operating System become an easy target for the attackers.
- Regular periodical backup- In order to keep your data and files safe, it is recommended to take regular back up of all your data and files either on an external drive or cloud.
- Use Anti-Virus Protection- We strongly recommend the use of antivirus protection/internet security in your PC like Sophos and Vipre so that it remains safe.
- Keep your Browser Updated
Hits: 126
Home
