Spectre Vulnerability

By : admin In: Articles, Blog January 15, 2018

The beginning of the year has already witnessed a new vulnerability. Vulnerabilities in modern days help in leaking passwords and sensitive data. The hardware vulnerabilities allow programs to steal data which is currently processed on the computer while applications are not approved to read data from other programs. The hackers can take advantage by exploiting the Spectre Vulnerability or Speculative Execution Vulnerability to access or get hold over your secrets stored in the memory of other running programs which includes personal photos, emails and business related critical documents.

Just like meltdown vulnerability spectre vulnerability can attack personal computers, mobile devices and cloud storage. Spectre is a type of vulnerability that affects modern microprocessor with the help of speculative execution. Two CVE ID (common vulnerabilities and exposures) related to spectre are CVE-2017-5753 also known as BOUNDS CHECK BYPASS and CVE-2017-5715 also known as branch target injection have been issued. Spectre might have some characteristics like meltdown, but it has much more different attributes from meltdown vulnerability. Spectre is used to break the isolation between various applications as it allows the attacker to trick the error-free programs to leak their confidential or essential information. Spectre is also harder to exploit than meltdown vulnerability, but on the other hand, it is, even more, harder to mitigate.

As of 2018, almost every computer system is affected by the spectre. Spectre is currently capable of attacking some Intel, AMD, ARM-based and IBM processors specifically, processors with SPECULATIVE EXECUTION are affected by this vulnerability. Researchers have concluded that spectre vulnerability has much more impact on cloud storage.

Spectre Discovery

Spectre vulnerability is a vulnerability that has been discovered very recently, i.e., in January 2018. It was first seen and reported by some independent individuals,

  • Jann Horn (Google Project Zero),
  • Paul Kocher in collaboration with collaboration with Daniel Genkin(the University of Pennsylvania and University of Maryland), Mike Hamburg(Rambus), Moritz Lipp(Graz University of Technology) and Yuval Yarom(University of Adelaide and Data61).

Now, the most important question that is asked the most is how can we know that if our computer systems are affected or not so the answer of this question is different for different platforms or operating system. So, spectre-meltdown-checker.sh is a shell script to check if your Linux kernel is vulnerable against the Spectre and Metldown.

Use the wget command or curl command to grab the source code:
$ cd /tmp/
$ wget https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh


OR

$ git clone https://github.com/speed47/spectre-meltdown-checker.git

Run the script as root user using sudo command or su command:
$ sudo sh spectre-meltdown-checker.sh

Microsoft also have created a PowerShell script that tells you whether your system is vulnerable to spectre vulnerability or not and to know that we need to follow some steps in the order they have been provided below,

  • Load an elevated PowerShell prompt. Tap on the Windows-key, type PowerShell, hold down the shift-key and the ctrl-key and select the PowerShell entry to load it.
  • Type INSTALL-MODULE SpeculationControl.
  • You may get a prompt affirming that “NuGet provider is required to continue.” Select Y to accept that.
  • You may get a prompt stating that you are installing an “untrusted repository.” Select Y to continue.
  • Type Import-Module SpeculationControl.
  • You may get an error stating that “running scripts” is disabled. If you do, type Set-ExecutionPolicy RemoteSigned. Repeat the command Import-Module SpeculationControl.
  • Type Get-SpeculationControlSettings.
The PowerShell Script displays information about the vulnerability and available mitigations at this point. If the result of the elements is True, that means your system is protected from spectre vulnerability, and if it shows False, that means your system is vulnerable to Spectre vulnerability.

Solution

All supported versions of windows are getting an emergency patch to fix the bug in Intel CPU chips. As Microsoft said in “ADV180002 | Guidance to mitigate speculative execution side-channel vulnerabilities”. Microsoft has also acted to secure our cloud services.

Source: Wikipedia, meltdownattack.com