{% set baseFontFamily = "Open Sans" %} /* Add the font family you wish to use. You may need to import it above. */

{% set headerFontFamily = "Open Sans" %} /* This affects only headers on the site. Add the font family you wish to use. You may need to import it above. */

{% set textColor = "#565656" %} /* This sets the universal color of dark text on the site */

{% set pageCenter = "1400px" %} /* This sets the width of the website */

{% set headerType = "fixed" %} /* To make this a fixed header, change the value to "fixed" - otherwise, set it to "static" */

{% set lightGreyColor = "#f7f7f7" %} /* This affects all grey background sections */

{% set baseFontWeight = "normal" %} /* More than likely, you will use one of these values (higher = bolder): 300, 400, 700, 900 */

{% set headerFontWeight = "normal" %} /* For Headers; More than likely, you will use one of these values (higher = bolder): 300, 400, 700, 900 */

{% set buttonRadius = '40px' %} /* "0" for square edges, "10px" for rounded edges, "40px" for pill shape; This will change all buttons */

After you have updated your stylesheet, make sure you turn this module off

Spectre & Meltdown Vulnerabilities – Cutting to the Chase

by Mick Ayzenberg on January 8, 2018

meltdownspectre.jpgIt appears that these two have produced a whole new class of vulnerabilities affecting almost all desktops, laptops, and phones. 

No need to get into the gory details as many others have done a great job there.  In summary, it is a vulnerability that involves virtual memory and the impact is wide ranging -  affecting all operating systems that implement virtual memory and might involve a hardware fix (ie throw out your server and start over). 

Intel uses "Speculative Execution", a technique used by most modern processors (CPUs) to optimize performance. This is similar to branch prediction and goes even further evaluating code ahead of time to get increased speeds. Testing by Google showed that an attacker running on one virtual machine was able to access the physical memory of the host machine, and through that, gain read-access to the memory of a different virtual machine on the same host - revealing the contents of kernel memory from a user application.

To do this, that attacker might read to kernel memory location directly from a piece of malicious code. The processor will then "speculate" that the read operation will succeed and recovers the value of that memory, only later discovering that this is a violation and destroying the results.

What this means is that if the attacker does something like:

  1. Read the memory from KernelAddress1 into a register as an integer (illegal)
  2. Read the memory from (UserspaceAddress1 + the result of that last operation)

There is a possibility that step 2 will execute before the fault from step 1 has been recognized. It may also be possible that as a result of step 2 running, the data at (UserspaceAddress1 + KernelReadResult) will be added to the cache for speedy recovery.

This means that after the fault has occurred, an attacker can monitor the time it takes to read from this same userspace memory location to determine whether that value has been read before, thus determining the value of that protected kernel memory.

By carefully organizing memory in userspace, it's possible that an attacker can leverage these optimizations to learn what the value of kernel memory is at any arbitrary location. In simpler terms, think of it as escalation of privilege followed by information disclosure. 

To compound the issue, disabling this will likely cause a 10-20% performance hit for pretty much all applications everywhere. 

So What Does This Mean for You?

If you are using a modern machine, you are most likely affected by this vulnerability.  If you are hosting VMs or are running software on a cloud environment, there is a risk that attackers on the same hardware will target your system to steal sensitive data.  If you are an end user, it is more important than ever to be vigilant of what code is running on your machine and avoid visiting malicious web sites which might be using JavaScript to target your system.

Overall, the most important thing is to keep your systems patched and updated as quickly and as often as possible.  Teams across all areas of technology (browsers, operating systems, cloud) are working around the clock to provide mitigations against this new category of vulnerabilities, so it is important to stay up to date in order to receive the benefit of these new protections. 

It appears that there are three variants of the issue (CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754).   The mapping is as follows:

Spectre

 

Meltdown

 

Whitepapers for each:  

Spectre - https://spectreattack.com/spectre.pdf

Meltdown - https://meltdownattack.com/meltdown.pdf

Topics: application security, mobile security

Most Recent

What's Trending

Featured Resource