New year, new cybersecurity threats.
And 2018 started out with a bang.
Just a few short days into the new year, it was revealed that nearly every Intel processor made in the past 20 years has two major security flaws that could leave millions of devices susceptible to attacks.
The flaws, called “Meltdown” and “Spectre,” have turned out to be more complex than just an issue with Intel’s processing chips, and an update to operating systems isn’t going to stop the flaws.
And a one-size-fits-all solution is still unknown.
Numerous steps will need to be taken in order to secure operating systems, and unfortunately, some of the steps will cause headaches for users.
Everything from browsers to firmware and antivirus software will need to be updated with patches when they are released.
But before we go into that, you’re probably wondering what exactly Meltdown and Spectre are. The two vulnerabilities both go after processors from companies like Intel and even Apple. From there, Meltdown and Spectre are fairly different in their exploitation methods.
Meltdown allows hackers to take advantage of privileged memory, which means having access to all the hardware and memory in an operating system. This could prove problematic, especially since privileged memory contains information like passwords and keystrokes.
Spectre, for its part, cons processors into performing restricted tasks, such as granting users access to private information that’s stored within the processor.
In short, these flaws aren’t good.
And at the moment, there are several proof-of-concept (PoC) tools in the wild, that is, tools that exploit devices only to show it can be done, which can exploit the Meltdown and Spectre vulnerabilities and scrape memory off of the processors.
However, the risk of these is fairly low, because PoCs don’t operate quickly. In addition, the process of exploiting the Meltdown and Spectre vulnerabilities is out of reach of people who aren’t experts in the inner workings of processors and kernel memory.
While the PoCs are out there, there is a risk that exploits could still develop. And they could wreak havoc on cloud and virtual environments.
For example, take the web hosting company GoDaddy. At any given time, one web server might be hosting 100 separate websites. If a malicious entity were to gain access to that server, they could potentially scrape memory shared by all 100 of the virtual servers, thus giving the hacker access to all sensitive information.
That’s not really what you want.
The sheer fact that the vulnerabilities reside in processors, rather than software, adds another element of difficulty to this situation, especially because a patch could remedy a software flaw, but that’s not necessarily the case with Meltdown and Spectre, since a patch might not fix all of the vulnerabilities.
But patching is a great place to start.
When it comes to patching, patch management is vital to keeping your IT infrastructure healthy and defending against incoming threats.
Be sure to check out our team’s steps to tackling patch management procedures here.
Whenever vulnerabilities and flaws of this magnitude come to light, be sure to consult your IT service provider. They’ll have the answers for you, and the last thing you want is for your devices to be hacked.