Meltdown and Spectre Exploits Target Flaw in Chip Designs


A pair of exploits that target hardware design flaws in CPUs made by Intel, AMD, and ARM came to light early in 2018. The exploits allow programs, even JavaScript, to gain access to sensitive information stored in virtual memory, including passwords and encryption keys. The first exploit, known as Meltdown, affects only Intel processors and some ARM processors; it is also known as Rogue Data Cache Load. The second exploit, known as Spectre, affects Intel, AMD, and ARM processors. Of the two, Meltdown is the easier to exploit.

The design flaw that enables the Meltdown and Spectre exploits is present in desktop and laptop computers, smartphones, tablets, automobiles, routers and other networking equipment, smart televisions, and any other device containing a processor with the flaw. So far researchers have not detected any use of the Meltdown and Spectre exploits in the wild. The Meltdown exploit has been assigned the Common Vulnerabilities and Exposures (CVE) ID CVE-2017-5754. The Meltdown exploit is not able to break out of virtual machines: it can still read guest kernel memory inside the virtual machine, but it cannot reach the kernel space of the host.

Various operating systems have issued patches to prevent Meltdown exploits; however, most operating systems remain vulnerable to Spectre, which is harder to protect against. The patch for Linux works through a new kernel feature called Kernel Page-Table Isolation (KPTI). KPTI is based on Kernel Address Isolation to have Side-channels Effectively Removed (KAISER), which was released in June of last year, before the Meltdown exploit was known. KAISER improved upon a 2014 update known as Kernel Address Space Layout Randomization (KASLR), which was implemented to prevent exploits of other kinds of kernel vulnerabilities. KPTI premiered in version 4.15 of the Linux kernel and was backported to versions 4.14.11 and 4.9.75.
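The following script is an added example for checking whether a Linux host actually carries the KPTI fix described above; it is not code from the article or from the kernel project. It combines two signals: the running kernel version against the fix points the article lists (4.15, with backports to 4.14.11 and 4.9.75), and runtime evidence that page-table isolation is active. The runtime evidence relies on two kernel interfaces that the article does not mention and that are assumed here: the `pti` entry in the `flags` line of `/proc/cpuinfo`, and the `/sys/devices/system/cpu/vulnerabilities/meltdown` file on kernels that provide it. Version strings such as `4.14.11` or `4.15.0-generic` are assumed; only the numeric `major.minor.patch` prefix is compared, and branches the article does not list (for example 4.13) are reported as not fixed.

```shell
#!/bin/sh
# Added example (not the article's or the kernel's code): does this host
# carry the KPTI fix for Meltdown?

# kpti_fixed_version VERSION -> exit 0 if VERSION is at or above a fix point
# Fix points taken from the article: 4.15, backport to 4.14.11 and 4.9.75.
kpti_fixed_version() {
    # keep only the leading numeric major.minor.patch part ("4.15.0-generic" -> "4.15.0")
    v=$(printf '%s\n' "$1" | sed 's/[^0-9.].*//')
    set -- $(printf '%s\n' "$v" | tr '.' ' ')
    major=${1:-0}; minor=${2:-0}; patch=${3:-0}
    if [ "$major" -gt 4 ]; then return 0; fi
    if [ "$major" -lt 4 ]; then return 1; fi
    case "$minor" in
        9)  [ "$patch" -ge 75 ] ;;   # 4.9.y stable branch
        14) [ "$patch" -ge 11 ] ;;   # 4.14.y stable branch
        *)  [ "$minor" -ge 15 ] ;;   # 4.15 and later; other 4.x branches not listed
    esac
}

# kpti_runtime_status -> prints: enabled | not-affected | disabled | unknown
# Assumed interfaces: sysfs "meltdown" file (newer kernels) and the "pti" cpuinfo flag.
kpti_runtime_status() {
    f=/sys/devices/system/cpu/vulnerabilities/meltdown
    if [ -r "$f" ]; then
        case "$(cat "$f")" in
            "Mitigation: PTI"*) echo enabled ;;
            "Not affected"*)    echo not-affected ;;
            *)                  echo disabled ;;
        esac
    elif grep -qw pti /proc/cpuinfo 2>/dev/null; then
        echo enabled
    else
        echo unknown
    fi
}

# kpti_report -> one line combining the version check and the runtime check
kpti_report() {
    kv=$(uname -r)
    if kpti_fixed_version "$kv"; then vs="at or above fix point"; else vs="below fix point"; fi
    printf 'kernel %s: %s; runtime: %s\n' "$kv" "$vs" "$(kpti_runtime_status)"
}

kpti_report
```

A version at or above a fix point with runtime status `disabled` usually means KPTI was compiled out or turned off on the kernel command line, so both signals are worth reading together rather than trusting the version number alone.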

Microsoft has issued an emergency patch to stop the Meltdown exploit for many of its operating systems. The company has issued patches for Windows 10, as well as Windows 8.1, Windows 7 Service Pack 1, Windows Server 2016, Windows Server 2012 R2, and Windows Server 2008 R2 Service Pack 1. Apple has issued a patch.

Many web browsers are also being patched, which is good considering the exploit can be delivered through JavaScript. One way of mitigating JavaScript that attempts to execute the Meltdown and Spectre exploits is simply to turn JavaScript off, or alternatively to install an add-on such as NoScript or uMatrix. Mozilla has mitigated the issue in the latest version of Firefox, version 57, with two timing-related fixes. Another option for Firefox users, going back to version 55, is to enable First Party Isolation, a feature borrowed from the Tor Browser. To enable First Party Isolation in Firefox, navigate to about:config, search for privacy.firstparty.isolate, and change the value to True by double-clicking on False, which is the default value.

Google is rolling out a fix for the exploits in version 64 of Chrome, due to be released on January 23rd. Site isolation features are already available in Chrome, as well as in the Opera web browser. To enable site isolation in Chrome, click on the address bar, type chrome://flags/#enable-site-per-process and hit Enter, click Enable next to Strict Site Isolation, and then restart the browser. Google phones and tablets will receive a patch for Android, but non-Google Android devices will have to wait for the update to be sent from the manufacturer. Apple has not commented on when it will issue a patch for Safari. Apple’s OS X has been patched, as has iOS.
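The two browser settings described above (First Party Isolation in Firefox, Strict Site Isolation in Chrome) are shown as manual steps in about:config and chrome://flags. The script below is an added example, not from the article or from either browser vendor, that applies the same settings from the command line so they can be pushed to many machines and verified afterwards. It assumes two mechanisms the article does not mention: Firefox reads `user_pref()` lines from a `user.js` file in the profile directory, which override `prefs.js` at start-up; and Chrome on Linux honours the enterprise policy `SitePerProcess` from JSON files under `/etc/opt/chrome/policies/managed/`, which is the policy form of the Strict Site Isolation flag. Directories are passed as arguments so the functions can be exercised on a scratch directory before touching real profiles.

```shell
#!/bin/sh
# Added example (not the article's or the browsers' code): roll out and verify
# First Party Isolation (Firefox) and Strict Site Isolation (Chrome) by file.

# firefox_enable_fpi PROFILE_DIR -> ensure user.js sets the pref to true (idempotent)
firefox_enable_fpi() {
    userjs="$1/user.js"
    pref='user_pref("privacy.firstparty.isolate", true);'
    mkdir -p "$1"
    if [ -f "$userjs" ] && grep -Fq "$pref" "$userjs"; then
        return 0                      # already present, nothing to do
    fi
    if [ -f "$userjs" ]; then
        # drop any earlier setting of the pref so only one line remains
        grep -Fv 'privacy.firstparty.isolate' "$userjs" > "$userjs.tmp" || true
        mv "$userjs.tmp" "$userjs"
    fi
    printf '%s\n' "$pref" >> "$userjs"
}

# firefox_fpi_enabled PROFILE_DIR -> exit 0 if the last isolate pref line says true
firefox_fpi_enabled() {
    [ -f "$1/user.js" ] || return 1
    last=$(grep -F 'privacy.firstparty.isolate' "$1/user.js" | tail -n 1)
    case "$last" in *true*) return 0 ;; *) return 1 ;; esac
}

# chrome_enable_site_isolation POLICY_DIR -> write a managed policy file
# (assumed policy name: SitePerProcess, the policy form of Strict Site Isolation)
chrome_enable_site_isolation() {
    mkdir -p "$1"
    printf '{\n  "SitePerProcess": true\n}\n' > "$1/site-isolation.json"
}

# chrome_site_isolation_enabled POLICY_DIR -> exit 0 if any managed policy sets it
chrome_site_isolation_enabled() {
    grep -qs '"SitePerProcess"[[:space:]]*:[[:space:]]*true' "$1"/*.json
}

# Usage on a real Linux host (paths are assumptions; <profile> is a placeholder):
#   firefox_enable_fpi "$HOME/.mozilla/firefox/<profile>.default"
#   sudo sh -c '. ./this_script.sh; chrome_enable_site_isolation /etc/opt/chrome/policies/managed'
```

Because `user.js` is re-applied on every Firefox start, a user who flips the value back in about:config will have it restored at the next launch; the Chrome policy file behaves the same way and additionally shows the setting as managed in chrome://policy, which is the place to confirm it took effect after a restart.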

Benchmark tests taken before and after patching on Linux showed virtually no performance impact on video games. Other benchmark tests showed some performance decreases, and experts have said that for certain operations a performance decrease of 5% to 30% can be expected. Microsoft stated in a security advisory that its benchmark tests have shown the patch may reduce performance, while also noting that users may not notice any change.

Author: DividedBy0

Copyright © 2018 NETWORKFIGHTS.COM