The recently discovered set of malicious actors (Spectre and Meltdown) which affect almost all the computing and mobile devices around the world, have created a buzz among the tech companies.
Attackers can read sensitive information in the system like passwords, encryption keys, etc. It was also found that if any virtual machine (VM) is attacked, the physical memory of host machine too can be accessed. Further, the attacker can access the memory of all the VMs running on same host.
Variants of attack:
- Variant 1: bounds check bypass
- Variant 2: branch target injection
- Variant 3: rogue data cache load
As per the researchers, the Variant 1 and Variant 2 take place by mounting Spectre vulnerability, while Variant 3 by Meltdown. The Meltdown enables the attacker to read kernel memory. All the Intel processors since 1995 are vulnerable to Meltdown except Intel Itanium and Intel Atom before 2013.
Spectre uses the ‘bound check bypass’ and ‘branch target injection’ techniques and leak the files in kernel memory through a channel.
“Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents,” researchers explained.
Responses from tech world:
The tech world is responding well to Spectre and Meltdown attacks. The operating system vendors, public cloud providers, device manufacturers and others are indicating that they are trying to fix the issue.
Intel said that it will issue updates for more than 90% of the processors which the company introduced in past five years. The chip maker has suggested the users to update their operating systems and other computer software.
Apple also admitted that all Mac systems and iOS devices are affected. It has already released updates for iOS 11.2, macOS 10.13.2 and tvOS 11.2 to mitigate the Meltdown. The company will soon release updates for Safari on macOS and iOS to mitigate Spectre.
Microsoft has updated most of the Azure infrastructure to address these attacks. However, some of Azure aspects are still in update progress and might need to reboot the VMs of customers.
All the users around the world can sigh now because at least some fixes are on the way. Make sure to utilize the security update features.