Massive security flaw at the CPU level: Meltdown & Spectre

Siraj Abbas
3 min read · Jan 16, 2018

Spectre and Meltdown have been the hot topic on the internet for the past few days. I am not an expert on this, so I am going to give a brief overview here for normal computer users.

Spectre and Meltdown are among the biggest security threats ever reported in computer history. Actually there are three different problems. Meltdown is the one that is most widely discussed because it affects Intel x86 and x64 processors, which hold the majority of the market share; that is how it became the biggest threat ever. All CPU manufacturers, including Intel, AMD and ARM, are affected by this problem, but Intel is affected the most because for them the problem is at the hardware level, whereas for the rest it is at the software level.

For AMD you have to have physical access to exploit the vulnerability, but for Intel this memory leak bug is critical: you don't need physical access. The memory now leaking from the kernel is accessible to the exploiter and is not encrypted; it includes passwords, session data, and access points to and from your machine. It acts like a back door: anyone can get in and do anything. An attacker can edit, delete or add data through it. They can even run programs or malicious software.

The most unfortunate thing is that, unlike ransomware attacks, this vulnerability affects pretty much everybody. All the manufacturers are working hard with software (OS) vendors to fix this issue. Almost every OS is affected, including Windows, Linux and even Mac OS. In December a Mac OS update went out which included a fix for this.

AMD has a different implementation called the kernel page table isolation feature. It protects the system against these kinds of issues. So if you are an AMD user, the hacker needs physical access to your machine to hack you. As for the majority (the Intel and Microsoft combination), users are at the mercy of Microsoft to release a fix for it. They released an update (KB4054022) on Jan 9th. This is something like a band-aid fix, because the actual problem is at the hardware level. Until Intel fixes this issue in their new CPUs, our old machines will run on software fixes which may be broken and hacked in the coming days.

However, the fix will slow down your CPU by as little as 5% or as much as 30%, depending on the age of the processor and the workload on it.

So what exactly is this issue? To understand it, we have to understand speculative execution. Speculative execution is an optimization that speeds up computing: the processor predicts the data pattern and computes the result up front for the user. If the prediction was not the actual data, the processor dumps this data in cache memory. The problem is that this data is not encrypted. In modern computing, programs share data with processes and components, so someone can look into this sensitive data and steal it without the user knowing. In future versions of CPUs this issue will be fixed.
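Since the post's point is that old machines depend on software fixes such as kernel page table isolation, the one check a Linux user can do is ask the kernel which of these issues it still reports as unmitigated. The script below is an added example, not part of the original post: it reads the per-issue status files the Linux kernel exposes under /sys/devices/system/cpu/vulnerabilities/ (present since kernel 4.15); the SYSFS_DIR override and the function names are my own, chosen so the script can also be run against a directory of constructed sample files.

```shell
#!/bin/sh
# Summarise the kernel's reported Meltdown/Spectre status.
# Each file under the sysfs directory holds one line: "Not affected",
# "Vulnerable", or "Mitigation: <name>" (e.g. "Mitigation: PTI" for
# kernel page table isolation against Meltdown).
# SYSFS_DIR is a hypothetical override for testing against sample files.
SYSFS_DIR="${SYSFS_DIR:-/sys/devices/system/cpu/vulnerabilities}"

# classify_status STATUS -> prints mitigated | vulnerable | not-affected | unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo "not-affected" ;;
        "Mitigation:"*)  echo "mitigated" ;;
        "Vulnerable"*)   echo "vulnerable" ;;
        *)               echo "unknown" ;;
    esac
}

# report_vulnerabilities [DIR] -> prints "<issue> <class> <raw status>" per file.
# Exit status: 0 if nothing is reported Vulnerable, 1 if something still is,
# 2 if the kernel is too old to expose the directory at all.
report_vulnerabilities() {
    dir="${1:-$SYSFS_DIR}"
    rc=0
    if [ ! -d "$dir" ]; then
        echo "$dir not found: kernel does not report mitigation status" >&2
        return 2
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        status=$(cat "$f")
        class=$(classify_status "$status")
        printf '%-12s %-13s %s\n' "$(basename "$f")" "$class" "$status"
        if [ "$class" = "vulnerable" ]; then rc=1; fi
    done
    return $rc
}

# Usage on a live system (a non-zero exit means a fix is still missing):
# report_vulnerabilities
```

Run it again after installing the vendor's update to confirm the affected entries changed from "Vulnerable" to "Mitigation: ...".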
