CPU Security Flaw (Meltdown and Spectre) – What you need to know

Processors (CPUs) provide the brainpower for all the computerized devices we use day to day, from PCs and smartphones down to mundane things such as ATMs. Therefore an exploit – or exploits – that affects virtually all of these devices at the same time is a shocking thing to hear about.

Unfortunately, early 2018 saw just such a thing happen with the news that a design flaw in nearly all modern processors had been found.
 

What are Meltdown and Spectre?

Meltdown and Spectre are the names given to the two newly discovered vulnerabilities that affect virtually every device with a processor in it.

They rely on retrieving small amounts of data that are temporarily made available outside of the processor. This happens because of a processor design feature called “speculative execution”.

This is the process where a CPU essentially guesses what information it will need next to function quickly.

Spectre allows attackers to force the processor itself to start the speculative execution process. They then access the extra data to obtain sensitive information that should never be available.

Meltdown fundamentally breaks down the mechanism that stops applications from accessing system memory. By doing so it enables exploits to access arbitrary system memory to retrieve sensitive data.
 

Who discovered them?

Both exploits were independently discovered by multiple teams of researchers.

Meltdown

  • Jann Horn (Google Project Zero)
  • Werner Haas, Thomas Prescher (Cyberus Technology)
  • Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz (Graz University of Technology)

Spectre

  • Jann Horn (Google Project Zero)
  • Paul Kocher in collaboration with Daniel Genkin (University of Pennsylvania and University of Maryland), Mike Hamburg (Rambus), Moritz Lipp (Graz University of Technology), and Yuval Yarom (University of Adelaide and Data61)

 

What systems are affected?

On a technical level, every Intel processor that implements out-of-order execution (speculative execution) is potentially affected. This includes almost all Intel processors dating back all the way to 1995!
A portion of AMD processors and ARM processors are also affected.

All desktop, laptop and cloud computing services may be affected by Meltdown.
 

Am I affected by Meltdown and Spectre?

Yes!

This may seem like a very blunt answer but due to the wide-reaching nature of the design flaw, you almost certainly have a device that will have been affected.
 

Does my antivirus protect me?

Antivirus programs could theoretically detect the use of these exploits; in practice, however, this is very unlikely. It is possible that your antivirus could detect malware designed to exploit these vulnerabilities, but not the actual vulnerabilities themselves.
 

How do I protect myself?

The Meltdown exploit can be fixed with a software patch, as it relies on breaking the isolation between user apps and the operating system.

Computers fitted with a vulnerable processor and running unpatched operating systems will be open to exploit.

Fortunately, operating system vendors have released relevant patches to protect their users. As long as you regularly update your operating system using built-in update tools, you should be fully protected from the Meltdown vulnerability.

As usual, it is best to practise safe web browsing habits and not install anything on your device that could be malware making use of these vulnerabilities.

Spectre has proven to be much harder to protect from as it is executed at the hardware level.

Initial advice so far is to follow the basic steps (similar to Meltdown):

  • Update your operating system frequently
  • Install updates from your hardware manufacturer (firmware updates)
  • Turn on isolation mode in your web browser (Chrome and Firefox) – This prevents exploits in JavaScript from utilizing the Spectre vulnerability.
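
One way to check that the operating-system patches described above are active on a Linux machine (an added example, not part of the original article): the kernel publishes its own Meltdown and Spectre status under /sys/devices/system/cpu/vulnerabilities, and this Python script reads and grades those lines. The verdict names and the sample values in the fallback branch are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Linux (kernel 4.15 and later) reports per-issue status here; other systems
# need their vendor's own tooling.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
ENTRIES = ("meltdown", "spectre_v1", "spectre_v2")


def classify(status):
    """Turn one kernel status line into ok / review / vulnerable / unknown."""
    s = status.strip()
    if s.startswith("Not affected"):
        return "ok"
    if s.startswith("Vulnerable"):
        return "vulnerable"
    if s.startswith("Mitigation:"):
        # A mitigation line can still carry a caveat containing "vulnerable".
        return "review" if "vulnerable" in s.lower() else "ok"
    return "unknown"


def report(base=SYSFS_DIR):
    """Return {entry: (raw status, verdict)} for the Meltdown/Spectre entries."""
    results = {}
    for name in ENTRIES:
        path = Path(base) / name
        try:
            raw = path.read_text().strip()
        except OSError:
            raw = ""  # file missing: old kernel, or not Linux
        results[name] = (raw, classify(raw))
    return results


if __name__ == "__main__":
    base = SYSFS_DIR
    if not base.is_dir():
        # Constructed sample values, used only when the real directory is absent.
        base = Path(tempfile.mkdtemp())
        (base / "meltdown").write_text("Mitigation: PTI\n")
        (base / "spectre_v1").write_text("Vulnerable\n")
    for name, (raw, verdict) in report(base).items():
        print(f"{name:12} {verdict:10} {raw or '(no status reported)'}")
```

An "unknown" verdict means the kernel reported nothing for that entry, which on Linux usually points to a kernel too old to include the fixes.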

 

What next?

The main thing for most people to do is to not panic. If you have followed the basic security steps and best practices above then you will almost certainly be safe.

It is important to note that some of the security patches that have been released may deliver a performance hit to your device. This is a widespread complaint and many of the operating system vendors recognize this as an issue.

They have stated that the performance hit should not be noticeable to the average user; however, hits to performance are “highly variable and depend on a number of factors”.

If you feel like your device performance has been significantly affected, do some research on whichever update you just installed. Other people may have suggestions and/or the vendor themselves may recognize a compatibility issue with certain device setups.
 

Conclusion

The shock release of these two huge vulnerabilities should be a wakeup call to the entire world.

It is increasingly important in this day and age to be ever vigilant about what information you store on your devices.

More importantly, users and companies should focus on preventative practices, such as being aware of potential malware that could expose devices to cybercriminals.
For more advice on what users should look out for in 2018, check our article – Internet security threats to look out for in 2018
