What are Meltdown and Spectre?
Meltdown is a designation for security gaps in the processor that makes the attacker able to break the isolation between the OS and applications, allowing them to access memory and all data stored therein. Meltdown is the famous name of the official naming of the CVE-2017-5754.
Spectre is a designation for security gaps in the processor that makes the attacker able to break the isolation between one application with other applications, making them able to deceive applications that are already safe and without error to leak various important data in it.Spectre is the famous name of the official naming bug CVE-2017-5753 and CVE-2017-5715.
Spectre is harder to exploit than Meltdown, but they are harder to overcome.
Can Antivirus protect from this attack?
In theory, it can, but in practice, it can hardly be done. Unlike most malware, Meltdown and Spectre are hard to distinguish from trusted apps. However, antivirus may still be able to detect the malware used for this attack by comparing binary malware once it is known.
What can be stolen from this attack?
Almost everything that stored applications and OS in memory can be stolen, ranging from passwords, credit card details, important documents, photos, emails, to a chat on the messenger can be stolen.
How to overcome Meltdown and Spectre?
Microsoft has released patches for Windows 10 and will be installed automatically (KB4056892). While Windows 7 and Windows 8 users will have to wait until the tuesday patch is released.
As for Linux users, there are already patches released (KPTI / KAISER), as well as macOs has already given patch via macOS 10.13.2. For Android, patches are included in the latest security updates.
Post a Comment