Lots of excitement today as EVERY security company is endlessly discussing Spectre and Meltdown, the exploits affecting almost all systems out there. Here is the long and short (non-technical) summary of things:
- Spectre – The name is coined from the term “speculative execution”, and the fact that it will “haunt” us for a long time to come.
- Meltdown – This name is a reference to how it operates (i.e. it “melts” or destroys the isolation protection that prevents applications from accessing random memory locations).
- Spectre (CVE-2017-5753 and CVE-2017-5715) affects almost every system with a CPU (laptops, desktops, servers, and even ARM-based devices like smartphones). Effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre. Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.
- Meltdown (CVE-2017-5754) is more specific to Intel CPUs and systems running software-based virtualization like Xen PV or Docker where there is the sharing of a single host’s kernel. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information.
- Is there a workaround / fix? There are patches for Windows, Linux and OSX for Meltdown…a simple Google Search will find them. For Spectre, as it is quite a bit harder to mitigate, there is no patch per se (outside of CPU replacement), but hardening procedures are being worked on to prevent future exploitation. As this is all quite new, keep monitoring the security blogs for the latest updates on patches, hardening methodologies, and more information.