Whenever a computer virus or vulnerability is detected, one usually finds comfort in the fact that it can be fixed by a patch or by protecting against a specific piece of malware. However, that is not the case when the vulnerability itself is a flaw in a system's design. That is what the recently disclosed bugs known as Meltdown and Spectre are. These bugs affect any device using modern processors from Intel, ARM, and AMD.
How it works
Both bugs are related to the way microprocessor architectures handle virtual memory when communicating with the kernel. The kernel is the core part of any operating system and serves as an intermediary between the system's hardware and user applications. The kernel keeps its protected virtual memory separate from the user application layer to prevent unwanted access. However, Meltdown and Spectre bypass these protections on the kernel's memory, which can potentially allow rogue software or a rogue user to read this data. The data can contain information such as passwords, encrypted communications, and other sensitive material.
Meltdown was first demonstrated as a proof of concept by Google's Project Zero, the cybersecurity company Cyberus Technology, and the Graz University of Technology in Austria. Meltdown takes advantage of speculative execution in modern CPUs. Operating systems separate memory into regions that an application may access and regions reserved for the kernel. Speculative execution allows the processor to act on an instruction, including one that reads kernel memory, before the check of whether the application is permitted to access that memory has completed. Intel processors are particularly vulnerable to this type of flaw due to their extensive use of speculative execution.
The Spectre vulnerability was discovered by Google's Project Zero and security researcher Paul Kocher. Like Meltdown, Spectre also uses speculative execution to circumvent the protections put in place to restrict access to kernel memory. By exploiting array bounds checks and branch instructions, data in the kernel's memory can be exposed. The bug is also capable of bypassing virtual machine environments and reaching the system's kernel memory. Spectre has a wider reach, affecting not only Intel processors but also ARM and AMD processors. This means that devices powered by these processors, including computers, smartphones, tablets, and servers, are susceptible to exploitation.
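The "array bounds check" that Spectre abuses is easiest to see in code. The example below is added here and is not code from the original post or from the researchers it names: it shows the vulnerable lookup pattern (a bounds check that is a branch the CPU may mispredict) next to the branch-free index-masking fix used by the Linux kernel's array_index_nospec() helper. The function names, the sample table and the probed indices are constructed for the demonstration; the masking formula assumes index and size are both below 2^(bits-1), the same assumption the kernel helper makes.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Shift that isolates the top bit of a size_t. */
#define TOP_BIT_SHIFT (sizeof(size_t) * CHAR_BIT - 1)

/*
 * Branch-free mask: all ones when index < size, all zeros otherwise.
 * Same idea as the generic array_index_mask_nospec() in the Linux kernel:
 * when index < size, both index and (size - 1 - index) have the top bit
 * clear; when index >= size the subtraction wraps and sets the top bit.
 * Assumes index and size are below 2^(bits-1), as the kernel helper does.
 */
static size_t index_mask_nospec(size_t index, size_t size)
{
    size_t out_of_range = (index | (size - 1 - index)) >> TOP_BIT_SHIFT; /* 0 or 1 */
    return out_of_range - 1;   /* 0 -> all ones (keep index), 1 -> 0 (clamp to 0) */
}

/* Vulnerable pattern (Spectre variant 1): the bounds check is a branch.
 * If the CPU mispredicts it, table[idx] is loaded speculatively even when
 * idx >= table_len, before the wrong prediction is rolled back. */
static uint8_t lookup_vulnerable(const uint8_t *table, size_t table_len, size_t idx)
{
    if (idx < table_len)
        return table[idx];
    return 0;
}

/* Hardened pattern: the mask depends only on the real values of idx and
 * table_len, not on the predicted branch, so a mis-speculated out-of-range
 * idx is forced to 0 before the load. The architectural result is unchanged. */
static uint8_t lookup_hardened(const uint8_t *table, size_t table_len, size_t idx)
{
    if (idx < table_len) {
        idx &= index_mask_nospec(idx, table_len);
        return table[idx];
    }
    return 0;
}

/* Constructed sample data for the demonstration. */
static const uint8_t SAMPLE_TABLE[4] = { 10, 20, 30, 40 };
#define SAMPLE_LEN (sizeof SAMPLE_TABLE / sizeof SAMPLE_TABLE[0])

/* Returns 1 if both lookups agree on every probed index, 0 otherwise:
 * the hardening must not change what the program computes. */
static int lookups_agree(void)
{
    const size_t probes[] = { 0, 1, 3, 4, 100, (size_t)-1 };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        if (lookup_vulnerable(SAMPLE_TABLE, SAMPLE_LEN, probes[i]) !=
            lookup_hardened(SAMPLE_TABLE, SAMPLE_LEN, probes[i]))
            return 0;
    return 1;
}

int main(void)
{
    printf("mask(2, %zu) = %#zx\n", (size_t)SAMPLE_LEN, index_mask_nospec(2, SAMPLE_LEN));
    printf("mask(9, %zu) = %#zx\n", (size_t)SAMPLE_LEN, index_mask_nospec(9, SAMPLE_LEN));
    printf("lookups agree: %s\n", lookups_agree() ? "yes" : "no");
    return 0;
}
```

The point of the mask is that it is computed with plain arithmetic on the actual values, so it is correct even while the processor is executing the wrong side of a mispredicted branch; a compiler-inserted speculation barrier after the check is the heavier alternative.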
Can it be Fixed?
Patches are being released by numerous technology companies including Microsoft, Apple, Intel, ARM, AMD, and Linux distributors. Given that this is primarily a design flaw in the processors, these patches do not completely eradicate the issue. The patches attempt to build stronger protections around the kernel, known as kernel page table isolation (KPTI), and to limit the use of speculative execution to mitigate the issue. However, this comes at the cost of system performance. Service providers should be the most worried about these new bugs due to the troves of data they hold that bad actors can exploit.
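Once the patches are installed, the practical question is whether they are actually active on a given machine. The program below is an added example, not code from the original post or from any vendor: on Linux 4.15 and later the kernel reports its Meltdown and Spectre status in /sys/devices/system/cpu/vulnerabilities/, and the program reads those files and classifies each line (for example "Mitigation: PTI" means KPTI is in effect). The classification scheme, the function names and the exit-status convention are this example's own choices; a missing file is treated as "unknown" because it means the running kernel predates the reporting interface, not that the system is safe.

```c
#include <stdio.h>
#include <string.h>

/* sysfs files that Linux 4.15 and later expose; older kernels do not have them. */
static const char *const VULN_FILES[] = {
    "/sys/devices/system/cpu/vulnerabilities/meltdown",
    "/sys/devices/system/cpu/vulnerabilities/spectre_v1",
    "/sys/devices/system/cpu/vulnerabilities/spectre_v2",
};
#define VULN_FILE_COUNT (sizeof VULN_FILES / sizeof VULN_FILES[0])

enum mitigation_state {
    STATE_UNKNOWN,       /* file missing or unrecognised text */
    STATE_NOT_AFFECTED,  /* "Not affected" */
    STATE_MITIGATED,     /* "Mitigation: ...", e.g. "Mitigation: PTI" */
    STATE_VULNERABLE     /* "Vulnerable" or "Vulnerable: ..." */
};

/* Classify one status line in the form the kernel writes to those files. */
static enum mitigation_state classify_status(const char *line)
{
    if (strncmp(line, "Not affected", 12) == 0) return STATE_NOT_AFFECTED;
    if (strncmp(line, "Mitigation:", 11) == 0)  return STATE_MITIGATED;
    if (strncmp(line, "Vulnerable", 10) == 0)   return STATE_VULNERABLE;
    return STATE_UNKNOWN;
}

static const char *state_name(enum mitigation_state s)
{
    switch (s) {
    case STATE_NOT_AFFECTED: return "not affected";
    case STATE_MITIGATED:    return "mitigated";
    case STATE_VULNERABLE:   return "VULNERABLE";
    default:                 return "unknown";
    }
}

/* Read the first line of one file into buf (newline stripped) and classify it.
 * A missing file means the running kernel predates the reporting interface. */
static enum mitigation_state read_status(const char *path, char *buf, size_t buflen)
{
    FILE *f = fopen(path, "r");
    if (f == NULL) {
        snprintf(buf, buflen, "(not reported by this kernel)");
        return STATE_UNKNOWN;
    }
    if (fgets(buf, (int)buflen, f) == NULL)
        buf[0] = '\0';
    fclose(f);
    buf[strcspn(buf, "\n")] = '\0';
    return classify_status(buf);
}

/* Exit status is 1 if any item is reported vulnerable, so it fits in scripts. */
int main(void)
{
    int any_vulnerable = 0;
    for (size_t i = 0; i < VULN_FILE_COUNT; i++) {
        char line[256];
        enum mitigation_state s = read_status(VULN_FILES[i], line, sizeof line);
        printf("%-12s %-13s %s\n", strrchr(VULN_FILES[i], '/') + 1, state_name(s), line);
        if (s == STATE_VULNERABLE)
            any_vulnerable = 1;
    }
    return any_vulnerable;
}
```

On a patched Intel system the meltdown line typically reads "Mitigation: PTI"; the exact wording of the other lines depends on the kernel version and the CPU, which is why the check keys only on the leading word.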