Meltdown And Spectre
Am I affected by this bug?
In all likelihood yes.
Can I see that Meltdown or Specter was used against me?
Probably not. The usage leaves no traces in conventional logs.
Can my antivirus detect or block this attack?
In theory, this is possible but unlikely in practice. Unlike common malware, Meltdown and Spectre are hard to distinguish from normal applications. However, an antivirus program might detect a malware that uses the attacks by comparing binaries.
What information can be tapped?
If a system is affected, you can use the Proof-of-Concept exploit of the Graz University of Technology to read the memory content of a computer. This includes passwords and other sensitive data.
Are Meltdown and Spectre already exploited in the wild?
This is not known.
Is there a workaround or fix?
There are patches against Meltdown for Linux, Windows, and macOS. Work is also underway to secure software against future Spectre exploits.
Is there a patch for Windows?
Yes, Microsoft has released KB4056890. Possibly, the patch is not yet played by all users, there are probably responsible for incompatibilities with anti-virus programs, more patches are expected for the first patch day on the second January-Tuesday.
Which systems are affected by Meltdown?
Desktops, laptops, and cloud computers can be affected by Meltdown. More specifically, this is potentially the case with any Intel processor that implements “out-of-order execution”. In practice, every Intel processor since 1995 affected (exceptions: Intel Itanium and Intel Atom before 2013). The Graz University of Technology has tested Meltdown on Intel processor generations from 2011 onwards. So far, you could only verify Meltdown on Intel CPUs, according to the security researchers, it is currently unclear whether that also applies to ARM and AMD.
Which systems are affected by Spectre?
Again, there are all desktop, laptop and cloud server systems, but there are also smartphones. All modern processors that can handle many instructions simultaneously are potentially affected. The TU Graz experts were able to verify Spectre on Intel, AM, and ARM processors.
Which cloud providers are affected by Meltdown?
Anyone who uses Intel CPUs and Xen PV for virtualization and who have not patched. It also affects cloud providers without real hardware virtualization sharing a kernel like Docker, LXC, or OpenVZ.
What is the difference between Meltdown and Spectre?
Meltdown breaks the mechanism that prevents applications from accessing any system memory. This in turn makes it possible to access the system memory. Spectre allows other applications to access arbitrary locations in memory. Both attacks use page channels to get information from the accessed location.
How can I secure Chrome?
This is possible via site isolation. For this you should copy chrome: // flags / # enable-site-per-process into the address bar and activate the item “Strict site isolation”, which can be found at the top.