The Biggest Vulnerability Ever Found on CPU.! – Meltdown & Spectre.

There are New Vulnerabilities named Spectre and Meltdown, which exploit critical vulnerabilities in modern processors have just been discovered by Expert Cyber Security researchers.

These hardware bugs allow programs to steal data being processed on the computer. You can View the Documentation about these Spectre Documentation and Meltdown Documentation.

 

The Meltdown Vulnerability

avira_blog_dont-be-afraid-of-a-meltdown-with-the-new-microsoft-update-750x354

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.

This vulnerability leaves millions of devices vulnerable to serious attacks. This is so important to be fixed because anything that runs as an application can steal your data. This includes any application programs or even Javascript ,  script running on a web page on any given browser. This makes Meltdown really dangerous for us and easy for hackers. Below Video Show you a Meltdown Exploit in Action.!

The Spectre Vulnerability

Howto-patch-Spectre-Vulnerability-CVE-2017-5753-CVE-2017-5715-on-Linux

Spectre is slightly different from Meltdown. This is so because it can allow hackers to fool the applications (even the stable versions of the respective application) running on a machine to give up secret information from the Kernel module of the operating system to the hacker with the consent or knowledge of the user.

Even though it is stated to be harder for the hackers to take advantage of but you should always be careful because it is you who is vulnerable. Also, it is worth noting it is harder to be fixed as well and can lead to a bigger issue in the long-term plans.

__________________________________________________________________________________________________

AFFECTION :

  • Desktop, Laptop, and Cloud computers may be affected by Meltdown.
  • Every Intel processor which implements out-of-order execution is potentially affected.
  • every processor since 1995 (except Intel Itanium and Intel Atom before 2013).
  • it is unclear whether ARM and AMD processors are also affected by Meltdown.

As fas as Spectre is concerned, almost every system is affected by it- Desktops, Laptops, Cloud Servers, as well as Smartphones.Well, if you are running any of the modern processors no matter if they are made by Intel, AMD or ARM or what device you are using them on, you are vulnerable to Spectre.

ATTACK SCENARIOS :

There is no current trace of Meltdown or Spectre affecting any machines around the globe, but it is also worth noting that these attacks are so sensitive that they are really difficult t be detected. Experts have said that they expect hackers to quickly develop programs to start attacking users based on the vulnerability as it is public now. Chief Executive of Cybersecurity Consulting firm Trail of Bits, Dan Guido said:

“Exploits for these bugs will be added to hackers’ standard toolkits.”

TO BE SAFE :

Cyber Experts said that ,  The OS Updates must Installed to Stay Secure and Replace the Hardware Contains the Vulnerability. But My Opinion is Both of These Solution Cant Protect us From These Vulnerabilities. Because Almost All Consumer Processors are Vulnerable and This is a hardware affected Vulnerability. Additionally, keep all your device up to date with newest fixes available. Enabling Strict Site Isolation in Chrome and preventing JavaScript from loading are the other precautions you could take.

YOU CAN CHECK YOUR WINDOWS PC FOR INFECTION USING THESE

Run PowerShell as administrator and execute the following commands one after the other:

PS> # Save the current execution policy so it can be reset

PS> $SaveExecutionPolicy = Get-ExecutionPolicy

PS> Set-ExecutionPolicy RemoteSigned -Scope Currentuser

PS> CD C:\ADV180002\SpeculationControl

PS> Import-Module .\SpeculationControl.psd1

PS> Get-SpeculationControlSettings

PS> # Reset the execution policy to the original state

PS> Set-ExecutionPolicy $SaveExecutionPolicy -Scope Currentuser

This will install, activate an additional module and enable protection.

Check the output and see if all the elements show a value of True. That shows that your Windows is protected. If it shows False, it means that your system is vulnerable and you need to fix those issues.

You can later on restore the default ExecutionPolicy setting by running executing this Set-ExecutionPolicy Default command.

PS:

Poc of Meltdown : https://github.com/IAIK/meltdown

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s