<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1678611822423757&amp;ev=PageView&amp;noscript=1">
{%
Defrag This

| Read. Reflect. Reboot.

Meltdown: What you need to know about the Intel Core Bug Affecting Billions of Computers

Jeff Edwards| January 05 2018

| security

intel-melt.jpg

Just last week, we were looking back at the most significant hacks and attacks of 2017, and wondering what lay ahead for 2018. Well, wonder no more.

Security researchers have discovered two major design flaws in Intel processor chips that affect millions of devices—in fact, nearly every Intel chip produced since 2010 is at risk. 

The exploits, nicknamed Meltdown and Spectre, allow applications, malware, and even JavaScript code running in web browsers access to the contents of the OS kernel’s private memory areas, which typically store all types of sensitive information, such as passwords, credentials, and personal information. 

Intel’s response indicates that there will be no physical recall or replacement of their products, just a software patch. 

Sources told The Register that Intel, AMD, and Arm were warned of these security holes back in June last year.

And in retrospect, Intel executives have been acting accordingly. Last month, Intel CEO Brian Krzanich sold $250,000 worth of Intel stock—the maximum amount he legally could let go of as CEO. Following that news, Intel is now being eyed for securities investigation.

No Ipswitch products are affected by the bug, for the record. 

Close the door on unwanted intruders for free. Get the WhatsUp PortScanner.

How Meltdown and Spectre Work

Meltdown can be exploited by normal programs to read the contents of private kernel memory, whereas Spectre allows, among other things, user-mode applications to extract information from other processes running on the same system. Spectre can also be used to extract information from its own processes.

You can watch the Meltdown flaw in action spying on passwords in the below video fromwww.spectreattack.com below, scary stuff.

That site also has extensive technical documentation on the attacks, for those looking for a detailed breakdown. For those less technically inclined, this twitter thread from security researcher Joe Fitz is a terrific analogy:

The exploits are potentially even worse for virtualized environments, such as public clouds, where it could be possible for a guest VM to access the host machine’s physical memory to steal data from other customer’s virtual machines.

While it was initially thought that only Intel chipsets were affected, it turns out that certain Arm and AMD processors are also at risk, though to a lesser degree. Arm has provided a list of affected cores here.

Basically, these flaws exist in almost every single computer or smart device released in the past decade. Including iOS devices—except the Apple Watch.

Patches Are Here... But Could Cost Performance

Linux, Microsoft, and Apple have all acted swiftly to curb the impact of the Meltdown bug with workaround patches that separate the kernel’s memory from user memory with Kernel Page Table Isolation (KPTI). Unfortunately, this solution increases the kernel’s overhead, which could cause performance to slow down anywhere from 5-30 percent. The performance hit varies, depending on processor model and workload. Casual users and gamers, for instance, won’t see much difference—benchmark tests put the impact on those systems within the margin of error. However, database benchmarks showed a marked decline.

Ipswitch customers can use WhatsUp Gold to monitor CPU performance before and after patching, with the ability to alert on a given threshold.

Amazon, Google, and Microsoft have all pushed updates to their public clouds to protect customers from the Meltdown vulnerability.

The Spectre bug, on the other hand, is a harder fix. So far, there have been no sufficient software patches to fix the bug, and security researchers told the New York Times that a fix could require a full redesign of the processors. 

The Bottom Line

As Edward Snowden put it, "When your computer asks you to apply updates this month, don’t click 'not now.'"

Honestly, the best advice we can give right now is to wait for patches and install any OS or security updates as soon as possible. Multiple vendors have created software patches to mitigate against these hardware vulnerabilities. You should review the information from the vendors and apply the patches accordingly. We also recommend testing out the patches in a test environment before applying to the production environment as issues (e.g. performance, system crashes) have been discussed in advisories.

For the Spectre bug to be exploited, bad guys will first need to run malicious code on your browser, or get you to download malicious software, so, as always, make sure your adblockers and antivirus are enabled, consider running site isolation in your browser and watch out for phishing emails. 

Topics: security

Leave a Reply

Your email address will not be published. Required fields are marked *

THIS POST WAS WRITTEN BY Jeff Edwards

Jeff Edwards is a tech writer and analyst with three years of experience covering Information Security and IT. Jeff has written on all things cybersecurity, from APTs to zero-days, and previously worked as a reporter covering Boston City Hall.

Free Trials

Getting started has never been easier. Download a trial today.

Download Free Trials

Contact Us

Let us know how we can help you. Focus on what matters. 

Send us a note

Subscribe to our Blog

Let’s stay in touch! Register to receive our blog updates.