I hope you all knows the latest vulnerability i.e. Meltdown which has been discovered almost in every CPU having Intel Processor.
These both vulnerabilities are basically hardware design flaws that attackers can easily exploit to access part of the memory that should remain private allowing them to steal your personal information.
According to Wikipedia – “Meltdown is a hardware vulnerability affecting Intel x86 microprocessors and some ARM-based microprocessors.“.
- It allows a rogue process to read any physical, kernel or other process’s mapped memory, regardless of whether or not it should be able to do so.
- It allows an unauthorized process to read data from any address that is mapped to the current process’s memory space, because instruction pipelining in the affected processors means that the data from the unauthorized address will almost always be temporarily loaded into the CPU’s cache during speculative execution, from which it can be recovered using other techniques, even if the original read instruction eventually fails due to privilege checking and never produces a readable result.
Accordingly, many servers and cloud services were impacted, as well as a potential majority of smart devices and embedded devices using ARM based processors (mobile devices, smart TVs and others), including a wide range of networking equipment.
To test the meltdown vulnerability in a Linux distribution, just open the terminal and install the following script via git utility.
Command: git clone https://github.com/paboldin/meltdown-exploit.git
After that you need to compile the script with the help of “make” command as per below screenshot.
To run this script, type “./run.sh” in same terminal which actually starts to test the meltdown vulnerability.
From the above screenshot, it clearly shows that the above system/machine is VULNERABLE to Meltdown Vulnerability.
- Vulnerable CPU/Kernels list: https://github.com/paboldin/meltdown-exploit/issues/19
- Invulnerable CPU/Kernels list: https://github.com/paboldin/meltdown-exploit/issues/22
You can also test the same with another script which also tests the SPECTRE Vulnerability along with MELTDOWN Vulnerability.
For this you need to download this script (spectre-meltdown-checker) with the help of wget command as per below screenshot:
Command: wget https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh
To run this script, type “./spectre-meltdown-checker.sh” in your same terminal.
Note: Don’t forget to change the permissions of the bash file.
As you can see that, the Spectre Variant 1 is still vulnerable, Linux kernel developers are still working on patches that will fully protect against Spectre. Consult your Linux distribution for more information about patch availability.
Here are the CVE id’s related to spectre and meltdown:
- CVE-2017-5754 rogue data cache load (Meltdown)
- CVE-2017-5753 bounds check bypass (Spectre Variant 1)
- CVE-2017-5715 branch target injection (Spectre Variant 2)
Microsoft also developed a PowerShell Script that will quickly tell you whether your machine is protected or not. To test on Windows 10 OS, you need to open the Windows PowerShell (Admin) by right clicking on Start Menu and Run as Administrator.
Type the following command:
Command: Install-Module SpeculationControl
Press “Y” to install the NuGet provider and again press “Y” to install the modules from PSGallery repository.
The standard execution policy will not allow you to run this script. So, to run the script, you will first save the current settings so you can restore them later. Then you;’ll change the execution policy so the script can run.
Run the following two commands to do this:
Command: $SaveExecutionPolicy = Get-ExecutionPolicy
Command: Set-ExecutionPolicy RemoteSigned -Scope Currentuser
Press “Y” to confirm.
Then, to actually run the script, run the following commands:
Command: Import-Module SpeculationControl
You will see that whether your PC has the appropriate hardware support or not.
Here you need to look into these following things:
- The “Windows OS support for branch target injection mitigation” refers to the software update from Microsoft. You’ll want this to be present to protect against both Meltdown and Spectre attacks.
- The “hardware support for branch target injection mitigation” refers to the UEFI firmware/BIOS update that you’ll need from your PC manufacturer. You’ll want this to be present to protect against certain Spectre attacks.
- The “Hardware requires kernel VA shadowing” will show as “True” on Intel hardware, which is vulnerable to Meltdown, and “False” on AMD hardware, which isn’t vulnerable to Meltdown. Even if you have Intel hardware, you’re protected as long as the operating system patch is installed and “Windows OS support for kernel VA shadow is enabled” reads “True“.
To reset the execution policy to its original settings after you’re done, run the following command:
Command: Set-ExecutionPolicy $SaveExecutionPolicy -Scope Currentuser
The only solution to protect from these two vulnerabilities i.e Spectre and Meltdown are Windows Update. The windows update that helps to mitigate the security vulnerabilities should install automatically.
While installing the patch for this vulnerabilities, some users may cause BSOD (Blue Screen of Death), make sure that you must visit your AV Company’s Support Website for latest update.