What are Meltdown and Spectre?

By:  |  Category: Blog, Security Friday, January 5th, 2018  |  No Comments
meltdown and spectre

Meltdown and Spectre:

2018 is kicking off as a year of massive redesign in the processor world thanks to issues discovered in almost all the CPU hardware on the market that have come to light. Yes Mac users that means you too (although mitigation with patches and updates have already been pushed out).

Researchers shared earlier this week that all CPUs made in the last twenty years are susceptible to hardware-based exploits that are somewhat challenging to fix, especially without significant performance penalties. It started with just one exploit, based on Intel’s CPU architecture and the ability to execute instructions in a speculative manner, that is, random and out of order. This helps modern CPUs in significant ways, and is a fundamental part of CPU design.
Unfortunately, two primary attacks based on these fundamental CPU design principles have been discovered, one significantly more serious than the other: Meltdown and Spectre.

What are the exploits?

Fundamentally, both exploits use somewhat similar core concepts. All modern processors utilize various features and techniques, including out-of-order execution (OOOE), branch prediction, and speculative execution to improve performance. However, all of these have the potential to execute code that shouldn’t be allowed. The hardware guarantees that the final result will be correct, flushing any results from code that shouldn’t have run. The problem is that there are side effects of the OOOE and speculative execution, where they can cause changes to the cache state, and then cache attacks can be used to try and pull ‘secrets’ (data from RAM) out of the cache.

Meltdown is an exploit that affects Intel CPUs at least since 2011, which leverages elements of out-of-order execution to cause a change in the cache state of a CPU, and then use that to dump contents of memory that should normally be inaccessible.

Spectre uses a processor’s speculative execution capability and branch prediction, combined with similar approaches to those in Meltdown (eg, cache attacks like Evict+Time), to read secrets from a process’s memory. The attack involves training a branch predictor to take one path, and then after many iterations, using a branch mispredict to cause speculative execution of code that shouldn’t be run. Up to nearly 200 instructions could be run in some instances. Spectre can affect processors from AMD, ARM, Intel, and others—any processor that uses branch prediction, in theory, which is basically every modern processor—but the attack must be tailored somewhat specifically to the hardware, making it more difficult to implement.

What to do about it?

The main concern should be with websites and services that you use—how secure are they, and have they put measures into place to protect your data? The answer to those questions may not always be immediately available, unfortunately. For example. Googles updates are not expected until later this month. For home PCs and laptops, you should update with the latest security patches to Windows, macOS, and Linux. Windows is the primary OS, and patches are available for Windows 10, Windows 8.1, and Windows 7.

For business owners, contact your managed service provider and/or come up with a strategic update and patching plan with your IT staff. If you are unsure of how to proceed, give EnhancedTECH a call and we can assist you with comprehensive network security plan. Call 714-979-9330 or contact us at sales@enhancedtech.com for a complimentary consultation.

Samantha Keller

Samantha Keller

Director of Marketing and PR at EnhancedTECH
Samantha Keller (AKA Sam) is a published author, tech-blogger, event-planner and mother of three fabulous humans. Samantha has worked in the IT field for the last fifteen years, intertwining a freelance writing career along with technology sales, events and marketing. She began working for EnhancedTECH ten years ago after earning her Bachelor’s degree from UCLA and attending Fuller Seminary. She is a lover of kickboxing, extra-strong coffee, and Wolfpack football.Her regular blog columns feature upcoming tech trends, cybersecurity tips, and practical solutions geared towards enhancing your business through technology.
Samantha Keller

Latest posts by Samantha Keller (see all)

Leave a Comment
Read previous post:
sinkholing
Sinkholing as a Way to Improve Network Security

Curious about what a sinkhole is? In the tech realm a sinkhole is not when the ground collapses from an...

Close