Olenick Roundup: Meltdown & Spectre
Recently, several well-known cyber security analyst teams, including Google Project Zero, alerted the world to a pair of CPU vulnerabilities which have been dubbed Meltdown and Spectre. These vulnerabilities allow data to be stolen while it is being processed on the system and stored in memory, in what is called a “speculative execution side-channel attack”.
Essentially, modern CPUs utilize a couple of techniques called Speculative Execution and Caching to improve performance. These techniques are a way for the CPU to “predict” the future for the programs it is running, so that specific data is ready to be used before a program needs it. The problem lies in the fact that Speculative Execution and Caching handle protected data in their attempts to predict a program’s data needs. Handling protected data in this way leaves that data exposed to abuse by malicious attacks.
The fundamental vulnerability is at a hardware level and cannot be fixed without redesigning the architecture of the CPUs. Fixes can be implemented at a software level, but they come at a price. Speculative Execution and Caching offer performance gains on all chips that utilize them. Software-level fixes will prevent CPUs from utilizing those techniques and result in a performance loss of anywhere from 5-30%.
While similar and related, the two vulnerabilities differ in some ways. The first vulnerability, Meltdown, primarily affects Intel and certain ARM chips and is remedied by a security patch for Linux, Windows, and OS X. Spectre affects all modern chips, including AMD, and is fixed by both a patch and a BIOS/UEFI update.
While trying to remedy the problem, other issues have surfaced. Antivirus programs must be compliant; otherwise, systems running them will be prevented from applying patches. Certain AMD systems have been found not to boot after updating. Windows 10 users cannot opt out of the specific security update because of how Windows 10 deploys updates. These are just a few notable issues with trying to fix Meltdown and Spectre.
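Because a patch can be blocked or fail to apply, the resulting mitigation state is worth verifying on each host. The following is an added example, not Olenick's tooling or code from the original post; it assumes a Linux kernel that exposes mitigation status under `/sys/devices/system/cpu/vulnerabilities`, and the function names are illustrative.

```python
from pathlib import Path

# Assumption: the kernel exposes one status file per issue in this directory.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
ISSUES = ("meltdown", "spectre_v1", "spectre_v2")


def classify(text):
    """Map the kernel's status line to a coarse state."""
    if text is None:
        return "unknown"
    line = text.strip()
    if line.startswith("Not affected"):
        return "not_affected"
    if line.startswith("Mitigation:"):
        return "mitigated"
    if line.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def read_status(base=SYSFS_DIR):
    """Return {issue: (state, raw status line)} for each tracked issue."""
    report = {}
    for name in ISSUES:
        try:
            raw = (Path(base) / name).read_text()
        except OSError:
            # A missing file means the kernel does not report this issue,
            # for example because it predates the patches. Do not assume safe.
            raw = None
        report[name] = (classify(raw), (raw or "").strip())
    return report


def needs_attention(report):
    """Issues that are unmitigated or whose status cannot be determined."""
    return sorted(name for name, (state, _) in report.items()
                  if state in ("vulnerable", "unknown"))


if __name__ == "__main__":
    status = read_status()
    for name, (state, detail) in status.items():
        print(f"{name:12} {state:13} {detail}")
    pending = needs_attention(status)
    print("follow up:", ", ".join(pending) if pending else "none")
```

A host that reports `unknown` for every issue is most likely running a kernel that was never updated, so it belongs on the follow-up list rather than being treated as clean.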
Olenick has diligently worked to remain informed on the issues related to Meltdown and Spectre. We have developed several solutions that help our clients identify and remediate issues related to these vulnerabilities. We also perform automated performance testing for those clients that wish to understand and reduce their risk related to performance degradation.
Author: Anthony Simon, Consultant