Not just Intel: Google discovered vulnerabilities in all modern processors

By: Bohdan Chub | 04.01.2018, 15:58

Following the reports about the bug in Intel chips, the processor giant issued an official statement saying that the problem affects many types of devices, regardless of CPU manufacturer and operating system. This is confirmed by experts at Google Project Zero, who published details of two vulnerabilities, code-named Meltdown and Spectre. The root of the problem is flaws in the processor's mechanism for speculative execution of instructions, but let's take things in order.

Meltdown

The Meltdown vulnerability, which affects Intel processors with the x86-64 architecture and some ARM64 chips, allows user applications to read the contents of the operating system's kernel memory, where logins, passwords and other private information can be stored. Speculative execution optimizes chip performance by predicting and processing instructions before they are confirmed. This way no waiting time is lost, and if the check does not pass, all changes are rolled back.

The problem is that the chips go too far in this speculative work. Under certain conditions, before the results of execution are discarded, the processor cache contains data from kernel memory, and attackers can learn of its presence from the response time to requests. A side-channel attack then makes it possible to retrieve the contents of memory. The method is not the easiest, but it cannot be detected by antivirus software. It has been established that Meltdown can indeed be used to gain access to other parties' memory in virtualization systems (from another virtual machine or even a host system).

To patch the security gap, developers had to separate kernel memory from user space. The necessary fixes have already been added to the Linux 4.15 kernel; Microsoft has updated Windows 10 and promises to add a patch for Windows 7 and Windows 8 on the following Tuesday. Apple has closed the vulnerability in macOS High Sierra 10.13.2. Google has already released updates for Android and Chrome OS, and the Google Chrome 64 browser with protection against Meltdown attacks is on the way. ARM has also prepared a fix for the affected Cortex-A75, Cortex-A73, Cortex-A72, Cortex-A57, Cortex-A17 and Cortex-A9 chips. "Cloud" services are receiving updates as well, including Amazon Web Services, Microsoft Azure and Google Cloud Services.

The new KPTI protection mechanism affects device performance, because the processor has to flush the TLB (the buffer that speeds up address translation) each time it switches between kernel mode and user mode. The slowdown averages 5-30% and depends heavily on the task. The drop in speed will be more noticeable in applications that access the kernel often (for example, for disk and network operations). Gamers, however, do not have to worry. Intel also said that the negative effect will be minimized over time. A detailed report from the company is expected next week, so for now there are no details.

Spectre

This vulnerability allows an attacker to trick other applications into giving up confidential data. It exploits the features of speculative execution of instructions in most modern processors. Intel, AMD and ARM are all at risk. The Meltdown fix described above does not help here. In practice, exploiting Spectre is much more difficult (according to AMD representatives, the chances are almost zero), but there is no solution to the problem at the moment. Solving it may require changing the architecture of all processors. Microcode updates for the chips and additional layers of security in applications can only reduce the risks.

How to defend yourself?

For now, the only way to protect yourself is to install updates for the operating system and the browser, provided, of course, that the manufacturer still supports them. According to Google representatives, even without patches they were unable to reproduce the vulnerability on Android devices with ARM processors, but that is little consolation.
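One way to confirm on Linux that the operating system update actually took effect, as an added example that is not part of the original article: kernels carrying the fixes report their own Meltdown and Spectre status in text files under /sys/devices/system/cpu/vulnerabilities. The function names and the exit-code convention below are assumptions of this example.

```shell
#!/bin/sh
# Added example: classify the kernel's own Meltdown/Spectre status report.
# Assumption: the running Linux kernel exposes one text file per issue in
# the directory below; older kernels without the fixes have no such files.
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status "<first line of a status file>"
# Prints one of: not_affected | mitigated | vulnerable | unknown
# Typical kernel wording: "Not affected", "Mitigation: PTI", "Vulnerable".
classify_status() {
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# report_cpu_vulns [dir]
# Prints "name state detail" for each issue and returns:
#   0 = every issue is mitigated or does not affect this CPU
#   1 = at least one issue is reported as vulnerable
#   2 = nothing vulnerable, but at least one status could not be determined
report_cpu_vulns() {
    dir=${1:-$VULN_DIR_DEFAULT}
    worst=0
    for name in meltdown spectre_v1 spectre_v2; do
        line=
        if [ -r "$dir/$name" ]; then
            # read fails on a file without a trailing newline but still
            # fills $line, so the failure is ignored on purpose.
            IFS= read -r line < "$dir/$name" || true
            state=$(classify_status "$line")
        else
            line="no status file (kernel does not report this issue)"
            state=unknown
        fi
        printf '%-11s %-12s %s\n' "$name" "$state" "$line"
        case "$state" in
            vulnerable) worst=1 ;;
            unknown)    [ "$worst" -eq 1 ] || worst=2 ;;
        esac
    done
    return "$worst"
}
```

Calling `report_cpu_vulns` with no argument reads the live system; a `meltdown` line reading `Mitigation: PTI` means the kernel/user memory separation described above (KPTI) is active.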

No attacks using Meltdown or Spectre have been recorded yet.

Sources: Liliputing, Ars Technica, Intel, Google Project Zero