There have been several reports earlier this week of potential security flaws in all chips made by Intel, AMD and AMR processors. Researchers revealed that all CPUs made in the last two decades are vulnerable to potential exploits, which give hackers access to sensitive information. And these exploits are not easy to fix.
Moreover, given that these three companies supply processors for all the computers in the world, nearly every single computer could be affected by these bugs, which have been termed Meltdown and Spectre.
What are these bugs?
Essentially, these are hardware bugs present in all modern processors, which can steal data that is processed on the affected computer. Typically, programs cannot read data from other programs. But that’s what this particular bug lets you do. Malicious code such as Meltdown and Spectre can access sensitive information stored in the memory of other programs. Sensitive information here refers to anything from passwords stored in the system to photos, emails and documents.
Researchers say that these bugs directly affect the core of a CPU and so the threat is not just for computers but also to mobiles and anything on the cloud. These bugs are kernel-level bugs, which affect the core of the computer’s operating system. A kernel is a computer program that is the core of an operating system and has complete control over everything in the system.
And since these are hardware bugs, they are very difficult to fix or remove unlike a software bug.
The security of computer systems fundamentally relies on memory isolation, e.g., kernel address ranges are marked as non-accessible and are protected from user access. What Meltdown does, is it melts boundaries by enabling a program to read this protected kernel memory. And if exploited, hackers could gain access to all the information that is protected by the system.
While this particular flaw or bug has an operating level fix where the kernel is separated from the program, it could lead to the slowdown of the machine.
The Meltdown bug affects all Intel processors manufactured in the last 10-20 years, thus affecting millions of systems.
Currently, Meltdown has been verified only on Intel processors. It is unclear whether ARM and AMD processors are also affected by Meltdown.
There is a performance feature called ‘Speculative execution’ on modern processors, where the computer is guessing which command or path will be taken next. And this execution relies on access to the protected kernel memory.
What Spectre does, is use a processor's speculative execution capability and branch prediction to read secrets from a process's memory. How it does this is, it trains a branch predictor to take one path, and then after many iterations, makes a speculative execution of code that shouldn't be run. It basically tricks programs into leaking kernel-level secrets.
Spectre is a flaw that is harder to execute. However, this also makes it harder to fix as compared to Meltdown. Spectre is also a bigger worry given that it impacts all devices running on Intel, AMD or AMR processors. That is all smartphones, computers, wearables and laptops.
Every Intel processor which implements out-of-order execution is potentially affected, which is potentially every processor since 1995 (except Intel Itanium and Intel Atom before 2013). Researchers have successfully tested Meltdown on Intel processor generations released as early as 2011.
Should you be worried?
The first question in anyone’s mind is if they are affected. Researchers say that almost everyone could be affected and what’s worse is that one cannot detect if the Meltdown or Spectre bug has been exploited, as it does not leave any trace in the traditional log file.
What safety measures can you take?
Experts suggest that the best protection against these exploits is to ensure you’re up to date with the security patches.
Google, Microsoft and other tech giants have already begun rolling out security patches and firmware updates. Patches are available for Windows 10, Windows 8.1, and Windows 7, Linux, and Android.
Fixes have begun rolling out for Linux, Android, and Microsoft Windows 10. So, if you’re using an Android phone, or are a developer using Linux in the cloud, it's time to update your operating system.
Customers have to not only install the Windows January 2018 security updates but also all the patches, to remain completely protected against these vulnerabilities.
Apple too, is in the process of rolling out security patches for its devices.
Do not download any software from an unknown source. And more importantly, stay away from any click-bait links and files. This is because attackers could use the
Will an Antivirus work?
For the time being, yes. Unlike the usual malware that antivirus programs detect and fix, these particular bugs are harder to find as it is difficult to differentiate them from regular applications.
Most importantly, practice good online behaviour to stay safe.