Meltdown and Spectre Vulnerabilities have made 80% of servers as Vulnerable in overnight, thanks to Google Project Zero team and other security researchers who have brought such a worst vulnerabilities to the world (At least now). Meltdown vulnerability basically melts security boundaries which are normally enforced by the hardware (CPU). Spectre name is based on the root cause, “speculative execution”. Spectre is harder to exploit than Meltdown, but it is also harder to mitigate.
Meltdown became public that,
“Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system. If your computer has a vulnerable processor and runs an unpatched operating system, it is not safe to work with sensitive information without the chance of leaking the information. ”
Michael Schwarz has demonstrated that how to steal password using meltdown security flaw.
Using #Meltdown to steal passwords in real time #intelbug #kaiser #kpti /cc @mlqxyz @lavados @StefanMangard @yuvalyarom https://t.co/gX4CxfL1Ax pic.twitter.com/JbEvQSQraP
— Michael Schwarz (@misc0110) January 4, 2018
Spectre became public that,
“Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre”
For information about the bug, please check the metdown website.
Here is the list of three discovered variants:
- Variant 1: bounds check bypass (CVE-2017-5753) – a.k.a. Spectre
- Variant 2: branch target injection (CVE-2017-5715) – a.k.a. Spectre
- Variant 3: rogue data cache load (CVE-2017-5754) – a.k.a. Meltdown
What are the processors affected by Meltdown?
Most of the intel process is affected by meltdown which is manufactured after 1995. AMD hasn’t confirmed the Meltdown vulnerability for their processors. Some of the ARM processors also exposed to meltdown. IBM Power 7, Power 8 and Power 9 also affected. Check out IBM knowledge article to mitigate the risk on Power environment.
What are the processors affected by Spectre?
Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors.
How to mitigate the risk?
Complete mitigation of this vulnerability for any Systems involves installing patches to both system firmware and operating systems. The firmware patch provides partial remediation to these vulnerabilities and is a pre-requisite for the OS patch to be effective. You must target the internet facing servers first. But remember that, these new OS patches and firmware upgrade might reduce the system performance by 30%. Do the extensive testing before moving to production.
What are the operating systems might vulnerable to this security threat?
- Microsoft Windows (Mostly Runs on Intel/AMD/ARM- X86 CISC)
- AIX (RISC – Power )
- MAC OS (Power / Intel)
- Linux (Mostly Runs on Intel/AMD/ARM- X86 CISC)
| Red Hat | Vulnerability Response / Performance Impacts |
|---|---|
| Debian | Security Tracker |
| Ubuntu | Knowledge Base |
| SUSE | Vulnerability Response |
| Fedora | Kernel update |
Virtualization platforms also affected by this vulnerabilities. ((Mostly Runs on Intel/AMD)
| VMWare | Security Advisory |
|---|---|
| Citrix | Security Bulletin / Security Bulletin (XenServer) |
| Xen | Security Advisory (XSA-254) |
We haven’t seen any security bulletin from Oracle about Oracle Solaris (SPARC/Intel/AMD), From HP, regarding HP-UX which runs on Itanium/PA-RISC processors. I will update this article, once it’s available.