Q: Am I affected by the CPU Vulnerability? A: Most Certainly, Yes!
Whether or not you work in technology, the latest buzz around the CPU vulnerability has probably caught your attention by now. In this post, I try to shed some light on the topic using some interesting resources that I found on the internet.
What is this CPU Vulnerability?
The Google Project Zero team recently discovered vulnerabilities in CPUs which, when exploited, can lead to attacks like Meltdown and Spectre. These hardware bugs allow programs to steal data that is currently being processed on the computer.
What is Meltdown?
The Meltdown attack breaks the fundamental isolation between applications and the operating system. It can gain access to memory and steal information from other programs.
What is Spectre?
The Spectre attack, on the other hand, breaks the isolation between different applications. It allows an attacker to trick other programs into leaking their sensitive information.
Which processors are affected?
Probably all. To confirm, the Google Project Zero team ran PoCs on the following:
- AMD FX(tm)-8320 Eight-Core Processor
- AMD PRO A8-9600 R7, 10 COMPUTE CORES 4C+6G
- An ARM Cortex A57 core of a Google Nexus 5x phone
- Intel(R) Xeon(R) CPU E5-1650 v3 @ 3.50GHz
Can I detect if somebody exploited these on my machines?
Probably not, as these attacks do not leave any trace.
What types of machines are affected?
Desktops, laptops, mobile phones and most smart devices, as well as most cloud service providers that use Intel CPUs and Xen PV.
I am using Google Services, where can I find information about it?
Here is a detailed blog post on which Google services are affected: https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
It is also recommended to keep an eye on the Google Cloud Security Bulletins and follow their instructions.
I am using Microsoft Services, where can I find information about it?
Microsoft has published the details about this vulnerability on its blog: https://azure.microsoft.com/en-us/blog/securing-azure-customers-from-cpu-vulnerability/
According to the blog, the majority of Azure infrastructure has already been updated to address this vulnerability. Some aspects of Azure are still being updated and require a reboot of customer VMs for the security update to take effect.
What do I do now?
Most vendors are already working on patches, so apply them as soon as they become available. Some of the updates require a restart, so make sure you actually reboot.
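To confirm that a patch and reboot actually took effect on a Linux machine, you can read the status files the kernel exposes under `/sys/devices/system/cpu/vulnerabilities`. The script below is an added example, not part of the original post; it assumes a Linux kernel recent enough to provide that directory, and the sample status lines in it are constructed for illustration.

```python
"""Added example: summarise the Linux kernel's CPU-vulnerability status files."""
from pathlib import Path

# sysfs directory provided by patched Linux kernels; missing on older ones.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")

def classify(status):
    """Map one status line to 'ok', 'vulnerable' or 'unknown'."""
    text = status.strip()
    if text == "Not affected" or text.startswith("Mitigation:"):
        return "ok"
    if text.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"

def read_status(directory=SYSFS_DIR):
    """Return {file name: status line}; {} if the kernel has no such directory."""
    if not directory.is_dir():
        return {}
    found = {}
    for path in sorted(directory.iterdir()):
        try:
            found[path.name] = path.read_text().strip()
        except OSError:
            found[path.name] = ""  # unreadable entry is reported as 'unknown'
    return found

def report(statuses):
    """Group entry names by classification."""
    groups = {"ok": [], "vulnerable": [], "unknown": []}
    for name, line in sorted(statuses.items()):
        groups[classify(line)].append(name)
    return groups

def needs_action(statuses):
    """True if nothing is reported (kernel too old) or any entry is not 'ok'."""
    groups = report(statuses)
    return not statuses or bool(groups["vulnerable"] or groups["unknown"])

# Constructed sample: what a partially patched machine might report.
SAMPLE = {
    "meltdown": "Mitigation: PTI",
    "spectre_v1": "Mitigation: __user pointer sanitization",
    "spectre_v2": "Vulnerable: Minimal generic ASM retpoline",
}

if __name__ == "__main__":
    live = read_status()
    for name, line in (live or SAMPLE).items():
        print(f"{name:12} {classify(line):10} {line}")
    print("update/reboot needed:", needs_action(live))
```

An empty result from `read_status()` means the running kernel predates this reporting interface, which the script treats as still needing an update.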
Where can I do more reading?
- Google Project Zero Blog Page — https://googleprojectzero.blogspot.in/2018/01/reading-privileged-memory-with-side.html
- Meltdown Attack — https://meltdownattack.com/
- Spectre Attack — https://spectreattack.com/
- RHEL Blog about this vulnerability — https://access.redhat.com/security/vulnerabilities/speculativeexecution
Hope this is helpful! Stay alert and stay safe!