cancel
Showing results for 
Search instead for 
Did you mean: 

FAQs on Meltdown and Spectre

FAQs on Meltdown and Spectre

Answers to the most common questions about the processor vulnerabilities and attack scenarios Meltdown and Spectre.
FAQs_zu_Meltdown_und_Spectre_-_logo-meltdown-spectre.png

 

  • How can the vulnerabilities be exploited?

  • Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program is able to exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.
    Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.
  • Meltdown and Spectre? What's this?

  • Meltdown and Spectre are attack scenarios which are able to exploit the hardware vulnerability using malicious code.
    So far, there are three attack scenarios published by Google:
    CVE-2017-5753 (Spectre 1, Bounds Check Bypass)
    CVE-2017-5715 (Spectre 2, Branch Target Injection)
    CVE-2017-5754 (Meltdown, Rogue Data Cache Load)
  • What is the difference between Meltdown and Spectre?

  • Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory.
    Spectre tricks other applications into accessing arbitrary locations in their memory.
    Both attacks use side channels to obtain the information from the accessed memory location.
    For a more technical discussion we refer to the papers
    Meltdown (PDF)
    Spectre (PDF)
  • Which processors are affected?

  • Basically, both current and older processors are vulnerable to at least one of the three attack scenarios.
    Name CVE-Nr. Intel AMD ARM * IBM Power
    Spectre, Var. 1 (Bounds Check Bypass) CVE-2017-5753
    Spectre, Var. 2 (Branch Target Injection) CVE-2017-5715 -
    Meltdown (Rogue Data Cache Load) CVE-2017-5754 - - -

    * affected are Cortex-A8, -A9, -A15, -A17, -A57, -A72, -A73, -A57, -R7, -R8, not the Cortex-A53 in the Raspi
  • Which operating systems are affected?

  • Since this is a hardware gap, all operating systems are affected!
  • Am I affected by the vulnerability?

  • Most certainly, yes.
    You can check this by using the PowerShell.
    • Press the Windows key or click the Start menu and type in PowerShell.
    • Run PowerShell as administrator by right-click.
    • In the opened window, enter Set-ExecutionPolicy -ExecutionPolicy RemoteSigned , press Enter and confirm the execution with "A".
      FAQs_zu_Meltdown_und_Spectre_-_WindowsPowerShell-1a.jpg
    • Type Install-Module SpeculationControl , press Enter and confirm with "Y" and "A". Now the module will be installed via NuGet.
      FAQs_zu_Meltdown_und_Spectre_-_WindowsPowerShell-1b.jpg
    • Type Get-SpeculationControlSettings and execute.
      FAQs_zu_Meltdown_und_Spectre_-_WindowsPowerShell-1c.jpg
     
    For this Microsoft has published a support article::
    Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabil...
  • Will there be an update to the Meltdown / Sprectre vulnerability for MEDION devices?

  • There are three known vulnerability variants.
     
    #1: Spectre 1, Bounds Check Bypass (CVE-2017-5753)
    • Requires operating system updates
    • May require driver and/or application updates
    → Yes! Security hole "Spectre 1, Bounds Check Bypass (CVE-2017-5753)" fixed by KB4056568 (info)
     
    #2: Spectre 2, Branch Target Injection (CVE-2017-5715)
    • Requires processor microcode updates
    • Requires operating system updates
    • May require driver and/or application updates
    → Yes! BIOS updates are requested for the current MEDION motherboards.
      → MEDION Desktop Mainboards
      → MEDION Notebooks
    → Note:
      Intel recently announced that they have completed their validations and started to release microcode for newer CPU platforms around Spectre Variant 2 (CVE 2017-5715).
      → Security hole "Spectre 2, Branch Target Injection (CVE-2017-5715)" fixed by KB4090007 for some CPUs.
     
    #3: Meltdown, Rogue Data Cache Load (CVE-2017-5754)
    • Requires operating system updates
    → Yes! Security hole "Meltdown, Rogue Data Cache Load (CVE-2017-5754)" fixed by KB4056568 (info)
     
    As a reminder, the Operating System patches provide mitigation to Spectre 1 (Bounds Check Bypass, CVE-2017-5753) and Meltdown (Rogue Data Cache Load, CVE-2017-5754).
    The microcode update is only required for Spectre 2 (Branch Target Injection, CVE-2017-5715).
     
  • Which actions are required?

  • For Windows, the following actions are required:
    • Ensure that your anti-virus software as well as your anti-virus definitions are up to date before installing the Windows OS update.
      Contact your anti-virus vendor for more details.
    • Windows OS Updates (Windows 7 through Windows 10) are required. Microsoft has made patches/updates available via Windows Update.
      Go to Microsoft Security 'Advisory ADV180002: Guidance to mitigate speculative execution side-channel vulnerabilities' for further details.
    • Processor microcode updates are being released via BIOS updates to help mitigate this issue and will be available via Windows 10 Update.
      Relevant BIOS updates can also be downloaded from the lists below.
      → MEDION Desktop Mainboards
      → MEDION Notebooks

    Notes:
    • The January 2018 Windows security update will only be offered to devices running supported anti-virus (AV) applications.
      If you do not see the patch available to download from Windows Update, your anti-virus software may need to be updated.
     
  • Which BIOS version do I have?

  • You can read out the installed BIOS version with "MSinfo32":
    • In the Cortana search box type "MSinfo32" and select "System Information"

    Alternatively, you can read information about the mainboard via the command line:
    • Open the Run window using the keyboard shortcut [Win + R].
    • Enter "cmd" and confirm with [OK].
    • Enter the desired commands in the command line window (or copy from here and insert by right mouse click):
    > Motherboard Type: wmic baseboard get product,Manufacturer,version
    > BIOS version: wmic bios get name,version
    > Processor Info: wmic cpu get name
     
  • References and further information:

  • • TU Graz: Overview page of Graz University of Technology, which was instrumental in the discovery of Meltdown ...
    • Intel: Facts About Side Channel Analysis and Intel® Products
    • Google Security Blog: Today's CPU vulnerability: what you need to know
    • Google Project Zero research: Reading privileged memory with a side-channel
    • Google Product Status: Google’s Mitigations Against CPU Speculative Execution Attack Methods
    • Microsoft: Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabil...
    • Microsoft: Advisory ADV180002: Guidance to mitigate speculative execution side-channel vulnerabilities
     
Version History
Revision #
3 of 3
Last update:
‎08.03.2018 11:20
Updated by:
Community Manager
 
Contributors