What are Meltdown/Spectre?

You will have seen a lot in the news about these two threats to the devices that you use and/or manage.

‘Meltdown’ and ‘Spectre’ are two related side-channel attacks against modern CPUs that can result in unprivileged code reading data it should not be able to.

Most devices, from smartphones to servers, may be vulnerable. Intel, ARM and AMD have recognized the problem with their processors; other processors may or may not be affected. Companies are working on patches to mitigate the issue. Here is the best advice:

Patch your devices as soon as possible.

Processors in most devices employ a range of techniques to speed up their operation. The Meltdown and Spectre vulnerabilities allow some of these techniques to be abused in order to obtain information about areas of memory not normally visible to an attacker. This could include other sensitive data. So, as stated above, patch your devices as soon as the patch comes out. Those of you with lots of servers or devices to look after should prioritize the ones with the most sensitive data.

For the more technical, these Common Vulnerabilities and Exposures (CVE) entries are explained on mitre.org:

Spectre (bounds check bypass and branch target injection):
CVE-2017-5753 and CVE-2017-5715

Meltdown (rogue data cache load):
CVE-2017-5754
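
One way to check whether a Linux host already has mitigations in place for the three CVEs above, so unpatched machines can be prioritized (an added example, not part of the original post). It assumes a Linux kernel that reports status under /sys/devices/system/cpu/vulnerabilities/; the function names are illustrative.

```shell
#!/bin/sh
# Added example: report Meltdown/Spectre mitigation status on a Linux host.
# Assumption: the kernel exposes /sys/devices/system/cpu/vulnerabilities/.
# Older kernels lack these files, which is itself a sign they need updating.

# Each CVE from the post paired with the sysfs file that reports on it.
CVE_FILES="CVE-2017-5753:spectre_v1 CVE-2017-5715:spectre_v2 CVE-2017-5754:meltdown"

# classify_status TEXT -> prints OK, ACTION or UNKNOWN
classify_status() {
    case "$1" in
        "Not affected"*) echo OK ;;       # CPU is not affected by this issue
        "Mitigation:"*)  echo OK ;;       # kernel reports an active mitigation
        "Vulnerable"*)   echo ACTION ;;   # affected and not mitigated: patch
        *)               echo UNKNOWN ;;  # no report or unrecognized text
    esac
}

# check_cpu_vulns [DIR] -> one line per CVE; returns 0 only if all are OK.
# DIR defaults to the real sysfs path and can be overridden for testing.
check_cpu_vulns() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    for pair in $CVE_FILES; do
        cve="${pair%%:*}"
        name="${pair##*:}"
        if [ -r "$dir/$name" ]; then
            text="$(cat "$dir/$name")"
        else
            text="(no kernel report; kernel may be too old)"
        fi
        verdict="$(classify_status "$text")"
        [ "$verdict" = OK ] || rc=1
        printf '%-14s %-10s %-8s %s\n' "$cve" "$name" "$verdict" "$text"
    done
    return "$rc"
}

# Usage: check_cpu_vulns || echo "This host still needs patching"
```

A non-zero return from `check_cpu_vulns` means at least one of the three issues is unmitigated or unreported, which makes the function usable in an inventory loop across many servers.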
