Introduction to Meltdown and Spectre cyber threats

Two major vulnerabilities that affect all Intel, ARM and AMD processors have now come to light.

Currently known as Meltdown and Spectre, the vulnerabilities allow malware to exploit the way microprocessors handle memory requests from the kernel. Microprocessors are constantly moving data between various on-chip memory caches in order to ensure processes execute as fast as possible, a process known as paging. It’s during this on-chip paging that the vulnerabilities come into effect.

Spectre takes advantage of the vulnerability by getting programmes to execute unnecessary instructions, thereby gaining access to sensitive information within other applications' memory space.

Meltdown takes advantage of a privilege escalation flaw, allowing unprivileged applications access to privileged memory space.

Both vulnerabilities require applications to run on the target, but Spectre could be initiated from scripts running in a web browser.

What type of systems are affected?

Any applications running on Intel, ARM and AMD processors. As well as the obvious servers (Dell, HP, etc.), this includes custom devices such as firewalls, switches and routers that run as VMs (e.g. Cisco ASAv, Fortinet).

What do I need to do?

Most vendors have released patches, which should be applied ASAP. However, as this is a hardware issue, the only real fix is to replace the affected chips. Until then, there will undoubtedly be variants written and released for which patches may not be available. Proof-of-concepts are available, so it’s only a matter of time before exploits are written and released.

By having an Intrusion Detection System in place, you would be able to detect these threats as they enter your network. An IDS would give you valuable information such as where the threats are originating and which systems they are targeting.

A vulnerability scanner would be able to identify which systems are vulnerable and therefore provide a list of servers to focus on.
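As an added example (not part of the original post), the sketch below shows the kind of check such a scan performs on Linux hosts: it classifies the status lines the kernel reports for Meltdown and Spectre and lists the hosts that still need attention. It assumes Linux kernel 4.15 or later, which exposes these sysfs files; the hostnames and the inventory are constructed for illustration.

```python
from pathlib import Path

# Linux kernels 4.15+ report per-issue status in these sysfs files.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
CHECKS = ("meltdown", "spectre_v1", "spectre_v2")

def classify(status):
    """Map a sysfs status line to 'ok', 'mitigated', 'vulnerable' or 'unknown'."""
    text = status.strip()
    if text == "Not affected":
        return "ok"
    if text.startswith("Mitigation:"):
        return "mitigated"
    if text.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"  # file missing, or the kernel is too old to report

def read_local(sysfs_dir=SYSFS_DIR):
    """Read this host's status lines; a missing file becomes an empty string."""
    paths = {name: sysfs_dir / name for name in CHECKS}
    return {n: p.read_text().strip() if p.is_file() else "" for n, p in paths.items()}

def triage(inventory):
    """Return (host, failing checks) pairs, vulnerable hosts first, then unknown."""
    rank = {"vulnerable": 0, "unknown": 1}
    findings = []
    for host, report in inventory.items():
        states = {n: classify(report.get(n, "")) for n in CHECKS}
        bad = {n: s for n, s in states.items() if s in rank}
        if bad:
            findings.append((min(rank[s] for s in bad.values()), host, bad))
    return [(h, b) for _, h, b in sorted(findings, key=lambda f: f[:2])]

# Constructed sample inventory: hostnames and collected status lines are illustrative.
SAMPLE = {
    "web01": {"meltdown": "Mitigation: PTI",
              "spectre_v1": "Mitigation: __user pointer sanitization",
              "spectre_v2": "Mitigation: Full generic retpoline"},
    "db01": {"meltdown": "Vulnerable",
             "spectre_v1": "Vulnerable",
             "spectre_v2": "Vulnerable: Minimal generic ASM retpoline"},
    "legacy01": {},  # old kernel: no sysfs entries were collected
}

if __name__ == "__main__":
    for host, bad in triage(SAMPLE):
        print(host, bad)
```

On a real estate, `read_local()` would be run on each host and the results gathered into the inventory dictionary before calling `triage()`.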

Find out more information on our Intrusion Detection System and protect your business from threats.

Where can I read more?

Detailed papers are also available here –

Meltdown

Spectre
