Introduction to Meltdown and Spectre cyber threats

Monday 8th January 2018 • 4 min read
Steve Nice, Chief Technologist and CPSA

Two major vulnerabilities that affect all Intel, ARM and AMD processors have now come to light.

Currently known as Meltdown and Spectre, they allow malware to exploit the way microprocessors handle memory requests from the kernel. Microprocessors are constantly moving data from various on-chip memory caches to ensure processes execute as fast as possible, known as paging. It's during this on-chip paging that the vulnerabilities come into effect.

Spectre takes advantage of the vulnerability by getting programmes to execute unnecessary instructions, thereby gaining access to sensitive information within other applications' memory space.

Meltdown takes advantage of a privilege escalation flaw, allowing unprivileged applications access to privileged memory space.

Both vulnerabilities require applications to run on the target, but Spectre could be initiated from scripts running in a web browser.

What type of systems are affected?

Any application running on Intel, ARM and AMD processors is affected. As well as the obvious servers (Dell/HP etc.), this includes custom devices such as firewalls, switches and routers that run as VMs (e.g. Cisco ASAv, Fortinet).

What do I need to do?

Most vendors have released patches, which should be applied ASAP. However, because this is a hardware issue, the only real fix is to replace the affected chips. Until that point there will undoubtedly be variants written and released for which patches may not be available. Proof-of-concepts are available, so it's only a matter of time before exploits are written and released.

By having an Intrusion Detection System in place, you would be able to detect these threats as they enter your network. An IDS would give you valuable information such as where the threats are originating and which systems they are targeting.

A vulnerability scanner would be able to identify which systems are vulnerable and therefore provide a list of servers to focus on.
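One way to build that list for Linux servers, as an added example that is not part of the original article: Linux kernels that carry the fixes report their mitigation state in files under /sys/devices/system/cpu/vulnerabilities, and the code below turns those reports into a per-host list of what still needs attention. It assumes Linux hosts only; the hostnames and sample reports are constructed for illustration.

```python
import os
# Linux kernels that carry the Meltdown/Spectre fixes report their state here.
SYSFS_DIR = "/sys/devices/system/cpu/vulnerabilities"
CHECKS = ("meltdown", "spectre_v1", "spectre_v2")

def classify(status):
    """Map one sysfs status string to 'ok', 'vulnerable' or 'unknown'."""
    if status is None:
        return "unknown"  # file missing: kernel does not report, treat as unpatched
    status = status.strip()
    if status.startswith(("Not affected", "Mitigation")):
        return "ok"
    if status.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"

def read_local(sysfs_dir=SYSFS_DIR):
    """Read this host's status files; a missing file is recorded as None."""
    report = {}
    for name in CHECKS:
        try:
            with open(os.path.join(sysfs_dir, name)) as fh:
                report[name] = fh.read().strip()
        except OSError:
            report[name] = None
    return report

def hosts_to_fix(inventory):
    """Return {host: [checks not in 'ok' state]} for hosts needing attention."""
    pending = {host: [n for n in CHECKS if classify(rep.get(n)) != "ok"]
               for host, rep in inventory.items()}
    return {host: names for host, names in pending.items() if names}

# Constructed sample: hypothetical hostnames, one read_local() report per host.
SAMPLE = {
    "web01": {"meltdown": "Mitigation: PTI",
              "spectre_v1": "Mitigation: __user pointer sanitization",
              "spectre_v2": "Mitigation: Full generic retpoline"},
    "db01": {"meltdown": "Vulnerable", "spectre_v1": "Vulnerable",
             "spectre_v2": "Vulnerable: Minimal generic ASM retpoline"},
    "app01": {"meltdown": "Not affected",
              "spectre_v1": "Mitigation: __user pointer sanitization",
              "spectre_v2": "Vulnerable"},
    "old01": {},  # kernel exposes no status files at all
}

if __name__ == "__main__":
    for host, names in hosts_to_fix(SAMPLE).items():
        print(host, "needs attention:", ", ".join(names))
```

A host with no status files is listed alongside the vulnerable ones, because a kernel too old to report its state has not received the patches either.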

Find out more information on our Intrusion Detection System and protect your business from threats.

Where can I read more?

Detailed papers are also available here –

Meltdown

Spectre
