Intel Meltdown and Specter & Intel Processors

Meltdown is the vulnerability of hardware affecting Intel x86 microprocessors, IBM POWER processors and some ARM-based microprocessors. Allows an unauthorized process to read all memory, even if it is not allowed.

Meltdown affects a wide range of systems. At the time of this disclosure, it included all devices that use only the latest iOS patch Linux, macOS, or Windows. As a result of this finding, many servers and cloud services have been affected, as well as the potential of most smart devices and embedded devices using ARM-based processors (mobile devices, smart TVs, etc.), including a wide range of network devices. Meltdown's pure software solution was considered to slow down 5 to 30 percent in certain specialized workloads, although the companies responsible for the exploit software correction have a minimal impact on general benchmark testing.

Meltdown was released in January of the year 2018 together with the CVE Vulnerability and Exposure ID - 2017-5754, also known as Rogue Data Cache Load. It has been published in conjunction with further use of Spectra, with which it shares some but not all features. Meltdown and Spectra's vulnerabilities are considered "disastrous" by security analysts. Vulnerabilities are so serious that security researchers initially believed they were false.

Several procedures have been published to help protect home computers and related devices from vulnerable Meltdown and Spectre security sites. Patches caused by Meltdown may cause loss of performance. Patches of features that significantly reduce performance, especially on older computers, have been reported; on the eighth generation newer platforms, performance indicators of 2-14% drops were measured. On 18. January 2018 unintentional restarts, including Intel's newer chips, have been reported due to Meltdown and Specter patches. However, according to Dell computers:"To date [26.1.2018], no" real "exploits of these vulnerabilities have been recorded [ie. Meltdown and Specter], although researchers have created evidence of concepts. ” Other recommended prevention includes: “Quickly receive software updates, avoid unrecognized hyperlinks and websites, not download files or applications from unknown sources… after a secure password protocol… [using] anti-malware security software (advanced threat prevention software or anti-virus).

Meltdown uses race conditions that are custom design by many modern processors. This occurs between accessing memory and checking permissions during instruction processing. In addition, in combination with the attack on the side channel buffers, this vulnerability makes it possible to bypass the normal privilege control that isolates the exploit process from access to the operating system and other running processes. This vulnerability allows an unauthorized process to read data from any address that is mapped to the memory space of the current process. Since instruction stream processing in affected processors makes data from an unauthorized address almost temporarily cached by the CPU during execution out of order - of which data can be restored. This can happen even if the original read instruction fails to check permissions and / or if it never produces a readable result.

Because many operating systems map the physical memory, kernel, processes, and other running user process space to the address space of each process, Meltdown effectively enables the rogue process to read any physical, kernel or other mapped memory processes, regardless of whether this should be possible. Antitheft protection would require the use of memory mapping to be avoided in a way that is threatened by such explosions (ie a software-based solution) or avoiding basic plant conditions (ie Microcode Modification and / or CPU Execution Path).

This vulnerability is viable on any operating system in which privileged data is mapped to virtual memory for disadvantageous processes - which includes many today's operating systems. Fusion could impact a wider range of computers than is currently determined, as there is little to no difference in the microprocessor families using these computers.

The Meltdown attack can not be detected if it is executed.

sharing

Write a comment

Your email address will not be published. Required fields are marked *