Meltdown and Spectre

1/9

This material was developed with funding from the National Science Foundation under Grant # DUE 1601612

Back

Next

Restart

Click the magnifying glass to continue.

2/9

Meltdown and Spectre are two vulnerabilities discovered by Google security researchers that affect almost all CPUs released since 1995. The impacted CPUs are within desktops, laptops, servers, smartphones, smart devices, and cloud services. Attackers exploiting these vulnerabilities can read data from a computer's kernel memory (Meltdown), but also data handled by other apps (Spectre). Meltdown and Spectre vulnerability exploitations are referred to as side-channel attacks which results in leaked memory data. Large amounts of memory data can be compromised because the attacks can be run multiple times on a system with very little possibility of a crash or other error.

Memory data

Kernel Memory is a protected area of the main memory within the operating system.

Close 

Click the memory data to see what’s inside.

Affected technologies include web browsers, CPU chips, and operating systems. The memory data can include the most protected information stored in memory which includes passwords stored in a password manager or browser, emails, personal photos, instant messages and other sensitive documents.

3/9

Runtime Condition is when code executes.

From a technical standpoint, when a branch in code execution depends upon a runtime condition, that is to say an overflow condition, unusual events, or an array out of bounds, modern processors make a “guess” in an attempt to save time. This speculatively executed branch progresses with a guess of the value of the condition upon which the branch must depend. That guess is typically based upon the last step of the same branch’s previous execution.

4/9

Click the question mark to continue.

5/9

The guessed value is cached for reuse in case that particular branch is taken again. There is no loss of computing time if the condition arrives at a new value because the processor must in any event wait for the value’s computation. Invalid speculative executions are thrown away but data from the execution may be retained in the processor caches. The retaining of invalid execution data is one of the properties of modern CPUs upon which Meltdown and Spectre depend.

6/9

Exploiting the Spectre and Meltdown vulnerabilities requires local code execution. As such, JavaScript files delivered via web pages have been identified as a potential delivery point to remotely located devices. Attackers can then run the remotely injected code locally to extract memory data from victims.

Virtual Machine is an emulation of a computer system that provides a substitute for a real machine. 

Click the bug to continue.

Spectre is designed to foster attacks across application boundaries and thus allows an attacker to cross virtual machine boundaries. This vulnerability might allow an attacker to use a cloud virtual machine instance to attack other tenants of the cloud.

7/9

8/9

Both Meltdown and Spectre are exceptionally hard to detect because they do not leave forensic traces or halt program execution. This makes post-infection investigations and attack attribution much more complex.

9/9

Currently the best way to deal with Meltdown and Spectre is to deploy patches at the chip-level, the Operating System (OS) level and the application level to all affected devices and products.

Click the patch to continue.