Google and Microsoft warn of new Meltdown and Spectre variants

Google and Microsoft warn of new variants of the Spectre and Meltdown attacks that attackers could use to obtain sensitive data such as passwords and credit card numbers. The attacks, Speculative Store Bypass (SSB) and Rogue System Register Read (RSRE), are so-called "speculative execution side channel" attacks and abuse the architecture that has been developed to enhance the performance of CPUs.


Through RSRE, a Meltdown variant, an attacker with local access to the system can read system parameters through side-channel analysis and obtain sensitive data. SSB is an attack that abuses the "speculative bypass" feature of the processor and makes it possible for an attacker to read older memory values in the CPU stack or other memory locations. This way, code with low privileges can gain access to higher-privileged data and speculatively execute older commands.

Systems with AMD, ARM and Intel processors are all vulnerable. The manufacturers report that they have updates in the works. According to Microsoft, the SSB attack is a low risk for users, and the company states that previous Spectre and Meltdown updates also protect against SSB in some cases. AMD reports that Microsoft is currently working on AMD-specific updates that will be distributed via Windows Update and protect against the SSB attack. AMD processors are not vulnerable to the RSRE attack.

The Computer Emergency Readiness Team of the American government (US-CERT), the CERT Coordination Center (CERT/CC) of Carnegie Mellon University, and Red Hat have published more information about the vulnerabilities.


US-CERT describes Meltdown as "a bug that 'melts' the security boundaries normally enforced by the hardware" and Spectre as "a flaw that an attacker can exploit to force a CPU to reveal its data."
