
Your Meltdown and Spectre Questions Answered

January 09, 2018 in Hardware and Software, Tech Tips and Industry News, Small Business Security

What are Meltdown and Spectre?

Researchers found that the main chips in most modern computers, made during the past 10+ years, have a design flaw. This flaw would allow malicious programs to capture data being processed in your computer's memory. Programs are normally not able to do this because they are isolated from each other and from the operating system, but this hardware flaw breaks that isolation.

If your machine is infected with malware, criminals can get access to passwords stored in a password manager or browser, emails, instant messages and even documents. (Such malware has yet to be discovered, but you can bet cyber criminals are working to create exploits.) It is important to understand that the vulnerable machine has to have malware running in order for this flaw to be exploited.

Meltdown further explained (with an analogy)

Meltdown is the name given to an exploitation technique known as "rogue data cache load." The Meltdown technique allows data in a computer's kernel memory to be read. It is believed that this flaw has the most potential to be exploited. 

Here is an analogy to help explain:

 

Spectre further explained (with an analogy)

Spectre actually covers two different exploitation techniques, known as "bounds check bypass" and "branch target injection." These techniques potentially make items in kernel memory available to user processes by taking advantage of a delay in the time it may take the CPU to check the validity of a memory access call.

Here is another analogy to describe Spectre: 

— Joe Fitz (@securelyfitz) January 4, 2018

 

How big of a deal is this? And will we be dealing with this for a while?

This will be a very large-scale and widespread security risk. Analysis of these techniques revealed that, while they are extremely difficult to exploit, even by an app running locally on a Mac or iOS device, they can potentially be exploited in JavaScript running in a web browser.

What devices does each of the flaws affect?

The Meltdown vulnerability is strictly a vulnerability for Intel processors.

The Spectre vulnerability affects all servers, workstations, and mobile devices, as well as operating systems like Windows, macOS, and Linux. Spectre was shown to work on Intel, AMD, and ARM processors.

Is my iPhone or Android affected?

From Apple:

"All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this time. Since exploiting many of these issues requires a malicious app to be loaded on your Mac or iOS device, we recommend downloading software only from trusted sources such as the App Store. Apple has already released mitigations in iOS 11.2, macOS 10.13.2, and tvOS 11.2 to help defend against Meltdown. Apple Watch is not affected by Meltdown. In the coming days we plan to release mitigations in Safari to help defend against Spectre. We continue to develop and test further mitigations for these issues and will release them in upcoming updates of iOS, macOS, tvOS, and watchOS."

From Google:

On the company's official blog, Google says that affected devices include:

  • Android phones
  • Google Apps like Gmail or Drive
  • Google Chrome web browser
  • Google Home smart speaker
  • Google Chromecast

 

What equipment, if any, will need to be replaced? What will need to be repaired?

Nothing will need to be replaced or repaired. Instead, updates will need to be run. The downside is that after the updates, processors running at 1.0GHz are likely to lose between 5 and 30% of their speed. As software updates and patches are applied to your devices, you may or may not notice a drop in speed, depending on your machine. However, if your computer already handles a heavy processing load, the software patches could put it over the edge, and that would mean it's time to upgrade your computer.

 

What can I do to protect my data and organization? 

Because this flaw is only an issue if malware is installed on your system, there are two important things to do: 

1. Be Diligent.

Use caution with what you install or open on your machine. Train and educate your users to recognize suspicious sites and emails.

2. Allow For Updates.

Tech companies will have issues to fix on their end, but you may have to update your own devices manually for those fixes to take effect.

In a statement, Microsoft said it was "aware of this industry-wide issue" and that it is working closely with Intel and AMD to keep users safe.
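To confirm that the updates actually landed on a Linux machine, the kernel's own status files can be read. The script below is an added example, not part of the original post; it assumes a Linux kernel that exposes /sys/devices/system/cpu/vulnerabilities, and the function names are illustrative.

```shell
#!/bin/sh
# Added example: report Meltdown/Spectre mitigation status from Linux sysfs.
# Patched kernels expose one status file per issue in this directory.
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status TEXT -> prints one of: ok, vulnerable, unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo ok ;;
        "Mitigation:"*)  echo ok ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# check_cpu_vulns [DIR] -> prints one line per issue and returns the number
# of issues that are not confirmed mitigated (0 means all three are covered).
check_cpu_vulns() {
    dir=${1:-$VULN_DIR_DEFAULT}
    bad=0
    for name in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$name" ]; then
            text=$(cat "$dir/$name")
            verdict=$(classify_status "$text")
        else
            # No status file: the kernel does not report on this issue,
            # so its state is unconfirmed and the machine needs a look.
            text="(no status file)"
            verdict=unknown
        fi
        [ "$verdict" = ok ] || bad=$((bad + 1))
        printf '%-11s %-10s %s\n' "$name" "$verdict" "$text"
    done
    return "$bad"
}

# Stand-alone run against the live system.
check_cpu_vulns || echo "$? issue(s) not confirmed mitigated; apply pending updates"
```

A return value of 0 means the kernel reports all three issues as mitigated or not applicable; anything else is a machine to put on the patch list.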

 

What is LIVE Consulting's role in this?

We're here as an adviser. We'll update systems as patches come out for our managed clients, and keep you updated through the process. We are monitoring updates from our partners such as SonicWall and ESET and will post updates via email and this blog. If you have any specific questions, please ask!


Live Consulting


Live Consulting is the complete IT solution for business. Focused on providing IT Managed Services to the Denver market, we provide expert IT planning, support, and delivery to companies desiring streamlined technology and processes. Live Consulting was founded in 2004 around the idea that small and medium sized businesses deserve access to Enterprise level service and technology.
