Meltdown & Spectre – What You Should Know & What You Should Do
| Martin Rudloff
Have you ever heard of Meltdown and Spectre? Unless you live under a rock, you probably have...! Meltdown and Spectre are security flaws that were uncovered recently, and they affect pretty much all computers currently in the market. Intel, AMD and ARM are all affected by it.
Both flaws exploit a hardware feature built into current processor that was designed to improve performance. Unfortunately it also could allow a hacker to bypass the protections and have access to information.
Meltdown is the worst bug, as it is relatively easy for someone to write an application that could steal your data, as long as it is running on your computer. “Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.”
Spectre is harder to be exploited, but is also harder to correct. “Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.”
What should you do?
Both LINUX and Microsoft already released security updates that minimize exposure, so make sure you update your LINUX and Windows to the latest. You should also make sure to only run known applications from trusted or validated sources.
Intel also released updated microcode for most of the current and previous processors, and Corvalent is releasing updated BIOS with Intel recommended patches from the latest Kaby Lake down to older generation motherboards.
Corvalent also changed some of your default settings, including disabling AMT, to further increase the security of our platforms.
The combination of Operating System patches and microcode updates may affect the performance of the system, but it is really hard to determine how much, as differences in use will have different effects in performance.
Corvalent will keep up with any changes and updates recommended by Intel, and we will do our best to minimize any risk to our customers.
So please make sure to update both your Operating System and update your BIOS to the latest revision. If you have a really old platform, please let us know and we will consider options to increase your security.
Additional resources:
Vulnerability Handling Guidelines
https://www.intel.com/content/www/us/en/security-center/vulnerability-handling-guidelines.html
Microcode Update Guidance
http://newsroom.intel.com/microcode
Security Exploits and Intel Products
https://newsroom.intel.com/press-kits/security-exploits-intel-products/