Millions of computers left vulnerable by Meltdown and Spectre exploits

by Linas Kiguolis - -

In the beginning of January 2018, cyber security researches reported a serious CPU flaw that was initially found in Intel processors.[1] Intel responded to official reports and admitted that the flaw has really been detected, but it’s not exclusive to Intel products only.[2]Meltdown and Spectre CPU flaws

Further investigations revealed two vulnerabilities that affected modern processors, including Intel, Advanced Micro Devices (AMD), and ARM. Dubbed as “Meltdown” and “Spectre,”[3] the security flaws are treated extremely seriously because in case of exploitation, cyber criminals may get access to the memory where personal information, including but not limited to passwords, emails, photos, documents, browser history, etc. is stored.

Both Meltdown and Spectre flaws exploit speculative execution[4] – a specific processor performance when central processing unit (CPU) predicts the actions of the device user and starts executing them beforehand. In case the user changes his mind and opts for another action, speculative execution rolls back. Here’s where Meltdown and Spectre flaws manifest and enable access to the memory that can’t normally be accessed.

Meltdown, aka CVE-2017-5754 and “rogue data cache load,” and Spectre was revealed by a group of scholars most of whom are working in Universities of Technology. The first one has been found in chips manufactured by Intel only and it’s the one that is most likely to be exploited. According to the researchers,[5]Meltdown enables an adversary to read memory of other processes or virtual machines in the cloud without any permissions or privileges, affecting millions of customers and virtually every user of a personal computer.

While the range of Intel processors affected by Meltdown is vast, actually every processor since 1995 (except Intel Itanium and Intel Atom before 2013), Specter affected nearly every type if device (Intel, AMD, and ARM processors). The latter is also more complicated to exploit and guard against as it uses two exploitation techniques – CVE-2017-5753 and CVE-2017-5715. The exploit seems to be conducted through JavaScript running on the web browser and enables other apps’ access to the privileged memory.

These two major hardware exploits caused commotion among hardware manufacturers. Microsoft has already released a patch to mend a part of the problem on Windows 10. Intel, AMD, and ARM chips’ manufacturers have also started rolling out firmware updates to address the other part of the flaw. According to experts, Linux and Windows kernels has had to be redesigned to immunize the chip-level security bug.

By installing the patch updates, both Meltdown and Spectre should be fully patched. In case the hole is not fixed completely, the vulnerability may be abused by programs and logged-in uses to read the content of the kernel's memory, which means that all sensitive information may get accessible to cyber crooks. 

 

Therefore, to prevent incomplete immunization of the flaw, Microsoft developed a PowerShell script, which checks the status of the device and reports whether it’s still vulnerable. To run the CPU vulnerability check, you have to:

  • Press Windows key and type PowerShell.
  • Right-click on Windows PowerShell entry and select Run as administrator.
  • Copy and paste the Install-Module SpeculationControl command and hit Enter.
  • Now type Y and press Enter to enable NuGet provider.
  • If a prompt asking to confirm the installation occurs, type Y and Enter once again.
  • Once done, copy and paste the following commands and hit Enter after each:

$SaveExecutionPolicy = Get-ExecutionPolicy
Set-ExecutionPolicy RemoteSigned -Scope Currentuser

  • Now press Y and hit Enter.
  • Copy and paste the following commands and hit Enter after each:

Import-Module SpeculationControl
Get-SpeculationControlSettings

That’s it. Your PC is fully protected only if Windows 10 emergency update, required version of the BIOS or UEFI updates are installed. If all the requirements under “branch target injection” and “rogue data cache load” are set to True and highlighted in green, it means that the exploit has been patched.

  • As soon as you check the status of your PC, type Set-ExecutionPolicy $SaveExecutionPolicy -Scope Currentuser command in the PowerShell window and press Enter.
  • Then type Y and hit Enter. This command will roll back the execution policy to the previous state.

About the author

Linas Kiguolis
Linas Kiguolis - IT professional

Linas Kiguolis is a qualified IT expert that loves sharing his excellent knowledge about problems in Windows and Mac operating systems. Linas’ insights often help other team members find quick solutions for visitors of UGetFix site.

Contact Linas Kiguolis
About the company Esolutions

References