After waking up from a long winter’s nap, you may have heard the lamentations about the “Intel Kernel Leak” vulnerability, or the “Kernel Speculative Execution” vulnerability, or, now, the “Meltdown and Spectre” vulnerabilities. This is a quick post to let you know just how freaked out, or not, you should be.

On January 3rd, 2018, there were rumors flying around about a vulnerability that affects pretty much all modern Intel processors (which turns out to be nearly all processors, not just Intel), having to do with the internals of how processors manage code execution. These days, CPUs don’t just execute instructions from the operating system just as they come. Instead, CPUs make some educated guesses about what’s likely to happen next, and set things up so that if that guess turns out to be correct, everything is already set up in memory. It’s called “Speculative Execution,” and it’s a pretty clever time saver that translates to faster, more efficient processing.

Turns out, there are some security problems with this processing trick, and those problems are collectively known as the “Meltdown attack” and the “Spectre Attack.” In the Meltdown scenario, an attacker’s program can peek at the memory of the operating system’s kernel (the code that takes instructions from the operating system and hands them off to the CPU), and can read private data that it shouldn’t. In the Spectre scenario, programs can be coerced into leaking their own private data. What this boils down to is, if there are two programs running on your computer, they can spy on each other, regardless of the security boundaries between them.

For a ton more detail on these issues, you should head on over to and follow the links there for the relevant published papers.

The most obvious affected platform is any cloud-based or shared hosting provider. These are physical computers that many programs and operating systems share. Obviously, you don’t want to be leaking your secret, private keys to your hosted neighbor, so this is a Big Deal for them.

But, this affects pretty much every platform around: traditional servers, PCs, mobile devices, and IoT. So, if an attacker can get some malware running on the same computer as your passwords, keys, and tokens, they have the opportunity to read those secrets.

Now, that all said, kernel bugs tend to be tricky to exploit, and the requirement for having local access further limits the offensive use. Now, “local access” usually means that the attacker needs to have an authenticated account and the ability to install and run code on the target computer, but it’s important to note that this condition can be achieved by, say, a malicious JavaScript application running in your browser. But, since it's merely a memory read issue, attackers don't get a straight shot at privilege escalation with this, and there's going to be some luck involved to have useful-to-attackers data in active memory when these techniques are used.

The good news is, these vulnerabilities went through some pretty serious coordinated disclosure, so all the major hardware, software, and cloud service vendors are already on the job. By the time you read this, your cloud provider has probably already fixed your environment.