What is Meltdown and Spectre?

What is Meltdown and Spectre? – High Level

On January 3, 2018, researchers discovered several exploits in many different vendors’ processors and operating systems. These exploits exist in Intel, AMD, and ARM processors, and allow hackers to potentially steal sensitive information from any device; PCs, mobile phones, laptops, or even from the Cloud.

How were these vulnerabilities created?

In the 1960s, a behind the scenes optimization process called, Speculative Execution, was created to help devices speed up routine tasks. Speculative execution allows your computer to analyze patterns and start preforming processes ahead of time to be more efficient. Sometimes your computer will perform a task or a calculation that may not be necessary. Speculative execution throws away data from that unnecessary task into an unprotected part of the computer’s cache memory, where unauthorized users can access the data through a side channel. When speculative execution was created in the 1960s data was self-contained, thus there was no need to secure the data dumps. Today, computers and mobile devices share resources with many applications and environments. When unprotected data from speculative execution is dumped into shared memory it can be easily accessed by attackers. These exploits allow attackers to trick your computer into loading data like passwords and account information into the shared memory so they can steal it.

What’s being done?

When researchers discovered these exploits, engineers from the leading technology companies came together to create patches that block Meltdown and Spectre attacks. It’s very important that you install these patches and continue to stay up to date with the latest releases of operating systems. In the future, CPU designs will change to eliminate these kinds of vulnerabilities. However, the reality is computers will always have some security vulnerability, that’s why it’s important for companies to have a cyber security incident response plan.

What is Synoptek doing for their Managed IT Customers?

· Window and Mac operating system updates

· Pushing out firmware updates for all affected chips – Intel and AMD patches are live.

· Web Browser updates – Mozilla Firefox has begun rolling out updates, as well as Microsoft for its Internet Explorer and Edge browsers. Google is including a patch for the bug in its upcoming update that will roll out on January 23. Apple plans on rolling out an update soon for its Safari web browser.

How Has the Synoptek Security Incident Response Team Addressed the Vulnerabilities?

The Synoptek security incident response team has already:

·  Assigned a Security Task Force – Synoptek has assigned cyber-security experts to review the technical details of the vulnerability and assess the impact

· Scoping, Assessment– Synoptek is identifying the scope of platforms effected and initial assessment of the risks (across dozens of platforms and software applications)

· Active engagement with 3rd party software and hardware manufactures – Synoptek is actively engaged with 3rd party software and hardware manufactures and has developed a large knowledge base consolidating actions recommended by dozens of OEMs, software publishers and security experts

· On-going evaluation – Synoptek continues to monitor and evaluate the risks for each major platform

· Application of recommended hardware and software patches and fixes – Scripted, programmed updates and initiated automated updates to thousands of vulnerable systems

 

What is your cyber-security incident response team doing?

If you are asking “should I be worried about this?” or “should I be doing anything about this?”, the answer is yes, you should be worried and yes, you should be doing something.

Speak to Synoptek’s Security Experts for help

About the Author