Internet related News · 2018-01-08

Meltdown & Spectre leave every CPU vulnerable to attack

This article has been re-published here with prior permission of MakeUseOf.

By: James Frew

2017 was a bad year for online security. The rise of ransomware dominated the early part of the year, while data breaches (including the infamous Equifax hack) continued unabated.

Toward the tail end of the year, rumors started spreading of a huge security flaw with Intel CPUs. Just as the sun rose on 2018, researchers unleashed a flood of information on two new exploits: Meltdown and Spectre. Both affect the CPU.

Meltdown primarily affects Intel processors and is (relatively) easy to patch. To add fuel to the fire, Intel’s response to the flaw has drawn sharp criticism from the security industry. Spectre has the potential to affect almost every modern processor across all manufacturers and will be the more challenging of the two exploits in the long term. However, to get a sense of how severe these two flaws are, and how they affect you, we first need to take a look at how a CPU works.

Inside the CPU

The Central Processing Unit (CPU) is one of the most critical parts of your computer and is often referred to as the brain of the operation. The CPU takes instructions from your RAM, decodes them, and then finally performs the requested action. This is known as the Fetch-Decode-Execute cycle, and is the backbone of all CPUs.

In theory, this operation is always predictable with the RAM passing all instructions in sequence to the CPU for execution. However, real-world CPUs are more complex than this, often processing multiple instructions simultaneously. As CPUs have got faster, the main bottleneck is the data transfer speed between the RAM and CPU.

In order to boost performance, many CPUs will perform out-of-order execution when an instruction hasn’t yet been loaded from the RAM. If the code branches though, the CPU has to make a best guess as to which branch to follow, which is known as branch prediction. The CPU can then take this one step further and begin speculatively executing the predicted code.

Once the missing instructions are loaded, the CPU can unwind any predictive or speculative action as if it had never happened. However, both Meltdown and Spectre use these mechanisms in order to expose sensitive data.

Intel’s Meltdown

Meltdown is currently the more contentious of the two exploits, and affects only Intel processors (although some reports suggest AMD processors may also be vulnerable). The kernel is the core of your computer’s operating system and has complete control over the system. As it has such comprehensive control, access to your system’s kernel is limited.

However, Intel’s implementation of speculative execution allows for preemptive access to the kernel, before performing an access check. Once the check is complete, the speculative access is blocked, but this brief period is enough to reveal data mapped in the kernel. This data could range from application data to passwords and encryption keys. The exploit is applicable to almost every Intel processor on nearly all operating systems including Linux, macOS, Windows, virtualization environments like VMware, and even cloud computing servers like Windows Azure and Amazon Web Services (AWS).
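On Linux, kernels patched for these flaws publish their own verdict for each one as a text file under /sys/devices/system/cpu/vulnerabilities. The script below is an added example, not part of the original article, that reads those files and lists the flaws still needing attention; the function names and the sample status lines are assumptions constructed for illustration.

```python
"""Report the Linux kernel's own view of Meltdown/Spectre exposure."""
from pathlib import Path

# Patched Linux kernels expose one status file per CPU flaw here.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
FLAWS = ("meltdown", "spectre_v1", "spectre_v2")

# Constructed sample lines in the format the kernel writes (not captured output).
SAMPLES = ("Not affected", "Mitigation: PTI", "Vulnerable")


def classify(status):
    """Map a status line to not_affected / mitigated / vulnerable / unknown."""
    s = status.strip().lower()
    if s.startswith("not affected"):
        return "not_affected"
    if s.startswith("mitigation"):
        return "mitigated"
    if s.startswith("vulnerable"):
        return "vulnerable"
    return "unknown"


def read_status(base=SYSFS_DIR, flaws=FLAWS):
    """Return {flaw: (verdict, raw_text)} for each flaw file under base."""
    report = {}
    for flaw in flaws:
        try:
            raw = (Path(base) / flaw).read_text().strip()
        except OSError:
            # No file: unpatched kernel, non-Linux host, or sysfs not mounted.
            report[flaw] = ("unknown", "no sysfs entry")
            continue
        report[flaw] = (classify(raw), raw)
    return report


def needs_attention(report):
    """Flaws the kernel does not report as mitigated or not affected."""
    return sorted(flaw for flaw, (verdict, _) in report.items()
                  if verdict in ("vulnerable", "unknown"))


if __name__ == "__main__":
    for line in SAMPLES:
        print(f"sample {line!r} -> {classify(line)}")
    result = read_status()
    for flaw, (verdict, raw) in result.items():
        print(f"{flaw:12} {verdict:13} {raw}")
    print("needs attention:", ", ".join(needs_attention(result)) or "none")
```

An "unknown" verdict is treated as needing attention because a kernel that cannot report its status has most likely not received the fixes.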

For the rest of the report, click here.
