Meltdown and Spectre are attacks that exploit critical vulnerabilities in modern processors, such as Intel x86 microprocessors, IBM POWER processors and some ARM-based processors, and allow data to be stolen from devices ranging from servers and desktops to tablets and smartphones.
Although one program is normally denied the authority to read data from another program, Meltdown and Spectre are specially designed to access the memory locations of other running programs and retrieve sensitive information. This information might include your passwords, your personal photos, emails, instant messages and even business-critical documents.
What is Meltdown?
Meltdown, designated as CVE-2017-5754, breaks the most fundamental isolation between user applications and the operating system. This enables hackers to gain access to parts of a computer's memory used by an application or program and by the operating system (OS).
Processors running an unpatched operating system are prone to this vulnerability. This applies to both personal computers and cloud infrastructure.
Desktop, laptop, and cloud computers may be affected by Meltdown. All Intel processors and some ARM processors are impacted.
What is Spectre?
Spectre, designated as CVE-2017-5753 and CVE-2017-5715, breaks the isolation between different applications. It tricks other applications into accessing arbitrary locations in their memory. This allows attackers to steal information such as credentials (passwords, usernames, etc.) leaked in the kernel or in cached files stored in the memory of running programs.
Almost every system is affected by Spectre: desktops, laptops, cloud servers, as well as smartphones. All modern processors, including Intel, AMD, and ARM processors, are affected by this attack.
How do Meltdown and Spectre attacks work?
Spectre and Meltdown are side-channel attacks. To understand how they work, we first need to be acquainted with two terms: speculative execution and caching.
Speculative execution essentially involves a chip attempting to predict the future in order to work faster. The chip works ahead through the logic of a program, computing possible outcomes before it knows which one is needed, so that the results are at hand when required.
Caching is a technique for speeding up memory access. The cache is filled with data that is relevant now or that the chip will need next. The data produced by speculative execution is often stored in the cache as well, which helps make speculative execution a speed booster.
Meltdown and Spectre are side-channel attacks that arise where caching and speculative execution come into contact with protected memory. Because of the way computer memory works, just knowing the addresses where data is stored can help you deduce what the data is.
Why are Spectre and Meltdown dangerous?
Spectre and Meltdown both open up possibilities for dangerous attacks. A web browser could be tricked by Spectre into revealing sensitive information such as a username and password.
Attackers could exploit Meltdown to view data owned by other users and even other virtual servers hosted on the same hardware, which is potentially disastrous for cloud computing hosts.
Workarounds and fixes against these attacks
Detecting these attacks is possible in theory but difficult in practice: unlike usual malware, Meltdown and Spectre are hard to distinguish from regular benign applications.
However, there are patches against Meltdown and Spectre for Linux (KPTI, formerly KAISER) and Windows.
So it is advised to upgrade the processor and OS to the latest versions to protect your system from these attacks.
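On Linux, a patched kernel reports whether mitigations such as KPTI are active through status files in sysfs. The shell functions below are an added example, not part of the original article: they read the `meltdown`, `spectre_v1` and `spectre_v2` files under `/sys/devices/system/cpu/vulnerabilities/` and flag anything the kernel does not report as mitigated. The function names and the `--check` argument are illustrative.

```shell
#!/bin/sh
# Added example: report the kernel's view of Meltdown/Spectre mitigation status.
# Patched Linux kernels expose one status file per issue in this sysfs directory.
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status STATUS_LINE -> prints OK, MITIGATED, VULNERABLE or UNKNOWN
classify_status() {
    case "$1" in
        "Not affected"*) echo OK ;;
        "Mitigation:"*)  echo MITIGATED ;;
        "Vulnerable"*)   echo VULNERABLE ;;
        *)               echo UNKNOWN ;;
    esac
}

# check_cpu_vulns [DIR] -> one line per issue; returns 1 unless all are OK/MITIGATED
check_cpu_vulns() {
    dir=${1:-$VULN_DIR_DEFAULT}
    rc=0
    for entry in meltdown:CVE-2017-5754 spectre_v1:CVE-2017-5753 spectre_v2:CVE-2017-5715; do
        name=${entry%%:*}
        cve=${entry#*:}
        if [ -r "$dir/$name" ]; then
            IFS= read -r status < "$dir/$name" || :
        else
            status="(no sysfs entry: kernel does not report this issue)"
        fi
        verdict=$(classify_status "$status")
        case "$verdict" in OK|MITIGATED) ;; *) rc=1 ;; esac
        printf '%-10s %-14s %-10s %s\n' "$name" "$cve" "$verdict" "$status"
    done
    return $rc
}

# Run against the live system (or a directory given as $2) when invoked with --check.
if [ "${1:-}" = "--check" ]; then
    check_cpu_vulns "${2:-}"
    exit $?
fi
```

A missing file is treated as a failure on purpose: a kernel too old to report its status is also too old to carry the patches.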
Threat Summary
Steps to follow to protect the system against Meltdown and Spectre
Step A: Update your system software
Step B: Protect your system with Windows Defender
How to protect your PC against Meltdown and Spectre CPU flaws?