This week security researchers announced two new CPU vulnerabilities: Meltdown and Spectre.
These vulnerabilities can potentially allow hackers to steal the entire memory contents of the computer or device. Even systems running on cloud providers are at risk. The most worrisome part of these exploits is that they are found in the majority of CPU chips in computers and mobile devices today.
These vulnerabilities take advantage of a feature in most modern microprocessors called “Speculative Execution”, which speeds up performance by executing a set of instructions ahead of time, based on assumptions that are considered most likely to be true. The side effects of this technique can lead to potential information disclosure and data leakage.
Currently, there is no easy fix for the Spectre vulnerability, as it would require a redesign of the processors themselves. There are software patches for Meltdown on most platforms that fix the security vulnerability, but these fixes can potentially slow down the processing speed of the chip by as much as 30%.
The Meltdown flaw is specific to Intel processors and is especially dangerous for cloud computing services, particularly those run by Amazon, Google, and Microsoft, as a threat actor could potentially purchase server access on these services and exploit other machines running on the same server.
As of Wednesday evening, both Google and Microsoft said they had updated their systems to fix this vulnerability. Amazon stated these vulnerabilities have “existed for more than 20 years in modern processor architectures” and has since patched their systems.
Personal computers used by consumers and businesses are also vulnerable. However, to exploit this vulnerability the threat actor would need the ability to run software on the machine. This could be done in many different ways: running infected software, downloading malware via email or the app store, or even just by visiting an infected website.
System admins and information security professionals need to deal with these vulnerabilities by running security assessments, patching servers, and contacting cloud providers to ensure they have patched their servers as well. However, you don’t need to go this route alone.
MDS can help strengthen your security framework to prevent attackers from exploiting these new vulnerabilities on your corporate network. Please contact us for a security vulnerability assessment today.
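For the server patching step mentioned above, Linux kernels that carry the Meltdown and Spectre fixes report their own mitigation status in sysfs. The script below is an added example, not part of the original article; the function names and the optional directory argument are illustrative choices.

```shell
#!/bin/sh
# Report the kernel's own mitigation status for Meltdown and Spectre.
# Patched Linux kernels expose one status file per issue under
# /sys/devices/system/cpu/vulnerabilities, each holding one line such as
# "Not affected", "Vulnerable" or "Mitigation: PTI".

# classify_status STATUS_LINE -> prints ok | vulnerable | unknown
classify_status() {
    case "$1" in
        "Not affected"*|"Mitigation:"*) echo ok ;;
        "Vulnerable"*)                  echo vulnerable ;;
        *)                              echo unknown ;;
    esac
}

# check_cpu_vulns [DIR] -> prints one line per issue and returns 0 only
# if every issue is reported as mitigated or not affected.
# DIR defaults to the real sysfs path; the argument exists so the check
# can be run against a saved copy of the files (an assumption of this
# example, not a kernel feature).
check_cpu_vulns() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    for issue in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$issue" ]; then
            status=$(head -n 1 "$dir/$issue")
        else
            # No status file: the kernel predates the reporting
            # interface, so treat the host as needing an update.
            status="(no status file)"
        fi
        verdict=$(classify_status "$status")
        printf '%-10s %-10s %s\n' "$issue" "$verdict" "$status"
        [ "$verdict" = ok ] || rc=1
    done
    return "$rc"
}

# Usage: check_cpu_vulns || echo "kernel update or mitigation needed"
```

A non-zero return covers both an explicit "Vulnerable" line and a missing status file, so older kernels that never report anything are flagged rather than silently passed.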