The newly discovered processor bugs dubbed Meltdown and Spectre are dominating the tech headlines—and many IT administrators’ daily task lists. Wondering what exactly is going on? Here’s the short story in infographic format first, and then text format below that.
If you prefer to read, instead of looking at an infographic, I’ve got you covered.
Meltdown/Spectre Speed Read
Nearly all apps are written on the premise that the data they store in memory cannot be read by other apps.
Meltdown and Spectre are processor vulnerabilities that allow an app to read pieces of another app’s memory contents.
Exploits using Meltdown/Spectre:
- Can read “protected” in-memory data.
- Cannot run malicious code or crash computers.
Who is Affected
Meltdown is a risk factor for anybody using a system with an Intel processor made in the last ten years, including PCs, laptops, and servers.
Spectre affects nearly all powerful processors, such as those from Intel, AMD, ARM, and IBM.
How they Work
Meltdown is a security bug. To make processors faster, Intel keeps frequently used data on-chip in a cache (versus going out to RAM for it, which is relatively slower). When an app’s data is cached, other apps are able to read it from the cache without any special privileges. AMD applies proper security to the cache and does not have this problem.
Spectre is an architectural problem with most powerful processors. To work faster, they use a technique called speculative execution. A processor intelligently guesses what operations an app is likely to run soon, and it runs them “just in case.” Then if the app needs them, bam—already done! This happens at a very fine-grained level, on tiny operations.
Although an app’s memory is protected, the contents of speculative execution are often unprotected. This means an exploit could watch the speculative executions and read the data. This is not unique to Intel.
Risk Grows by Size
For a home PC or Mac user this could allow a cyberattacker to gain access to passwords or credit card numbers.
For a company server it could expose personal information about customers, medical records, etc.
In a cloud data center the risk is multiplied because a single server might actually house multiple tenants—dozens of people and companies. Cloud hosts commonly give many customers their own virtual machines (VMs) running alongside other customers’ VMs on a single physical server.
Somebody with a cloud account and a Meltdown/Spectre exploit has access to read data from the apps of other tenants on a shared server in the cloud.
Every Major OS is Vulnerable
This is a flaw with processors, not operating systems (OSs). However, OS vendors can write fixes that prevent exploitation. Windows 7, 8, and 10 are impacted. Windows Server is vulnerable. The Mac OS is affected. All versions of Linux and Unix are exposed as well.
The Solution has Two Parts
The specific solution for each system will vary by vendor and product. In most cases, two updates are needed to protect a system:
- OS updates are coming fast from all major vendors.
- Chipmaker microcode updates are being released as well. Most processors will need updates, but there are some exceptions.
Note that while Meltdown/Spectre can’t crash systems, some fixes can. Early problems have been reported with OS fixes in some scenarios. Also, some fixes require updates from app vendors, particularly antivirus solutions.
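On Linux, one way to confirm that the OS half of the fix is in place is to read the kernel's own status files. The script below is an added example, not part of the original article; it assumes a kernel that exposes /sys/devices/system/cpu/vulnerabilities, and its function names and the constructed sample directory are illustrative.

```python
import tempfile
from pathlib import Path

# Linux kernels that carry the Meltdown/Spectre fixes report status here.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
CHECKS = ("meltdown", "spectre_v1", "spectre_v2")

def classify(text):
    """Map one status line to not_affected / mitigated / vulnerable / unknown."""
    line = (text or "").strip()
    if line.startswith("Not affected"):
        return "not_affected"
    if line.startswith("Mitigation:"):
        return "mitigated"
    if line.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"  # missing or unrecognised: kernel gives no usable report

def audit(base=SYSFS_DIR):
    """Return {check: (state, raw status line)} for each vulnerability file."""
    report = {}
    for name in CHECKS:
        try:
            raw = (Path(base) / name).read_text().strip()
        except OSError:  # file absent, e.g. a kernel without this interface
            raw = ""
        report[name] = (classify(raw), raw or "no kernel report")
    return report

def needs_attention(report):
    """Checks that still need an OS or microcode update, or a closer look."""
    return sorted(n for n, (state, _) in report.items()
                  if state in ("vulnerable", "unknown"))

def constructed_sample():
    """Audit a constructed directory (not captured from a real host)."""
    with tempfile.TemporaryDirectory() as tmp:
        Path(tmp, "meltdown").write_text("Mitigation: PTI\n")
        Path(tmp, "spectre_v1").write_text("Vulnerable\n")
        # spectre_v2 deliberately left out to exercise the missing-file path
        return audit(tmp)

if __name__ == "__main__":
    for name, (state, raw) in audit().items():
        print(f"{name:12} {state:13} {raw}")
```

A check reported as unknown means the kernel gave no status for it, which on an older kernel usually means the OS update has not been applied yet.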
Securing systems from Meltdown/Spectre will slow them down.
For home users with newer Windows and Mac computers, the impact may be negligible. Systems with older processors are expected to see a bigger slowdown. Some servers could see a greater slowdown than PCs.
Over the next several months vendors will release and refine fixes. Only then can we be sure of the performance impact on various systems and configurations.
The Good News
There are no known exploits in the wild … yet! You still have time to get ahead of this thing.
Secure your systems from Meltdown/Spectre vulnerabilities before sensitive data is exposed.
Is your enterprise searching for ways to secure your endpoints against threats, like Meltdown and Spectre? Learn how to automate endpoint security configuration management with Adaptiva Client Health. Visit: https://adaptiva.com/products/.