Get in touch now on

+61 7 3480 5121

Experts Weigh In On Spectre Patch Challenges
08 January, 2018
This post was originally published on this site

The race to patch against the Meltdown and Spectre processor vulnerabilities disclosed last week is on. As of today, there are no known exploits in the wild impacting vulnerable Intel, AMD and ARM devices.

Currently, vendors are focused on three main mitigation efforts. Patches that address the Meltdown flaws are KPTI (Kernel Page Table Isolation) and KAISER (Kernel Address Isolation to have Side-channels Efficiently Removed). On Thursday, Google unveiled a Retpoline coding technique for mitigating against Spectre attacks.

Intel said last week that it is “rapidly issuing updates for all types of Intel-based computer systems” that include software patches and firmware updates that will “immunize” more than 90 percent of processors introduced in the past five years. By the end of this week those ambitious patching efforts will be complete, Intel said.

Security experts say two vectors that exploit Spectre will be particularly challenging to “immunize.”

Currently known methods for exploiting Meltdown and Spectre are identified as variants “bounds check bypass” (CVE-2017-5753/Spectre/variant 1), “branch target injection” (CVE-2017-5715/Spectre/variant 2) and “rogue data cache load” (CVE-2017-5754/Meltdown/variant 3).

“Meltdown is a well-defined vulnerability where a user-mode program can access privileged kernel-mode memory. This makes patching Meltdown much easier than Spectre by ensuring kernel memory is unmapped from a user-mode, which is what we see in the form of kernel page-table isolation (KPTI),” said Jeff Tang, senior security researcher at Cylance.

Spectre is much more difficult to attack to carry out because it breaks the isolation between different applications, researchers say. But at the same time, it will also be harder to patch.

Ben Carr, VP of strategy at Cyberbit, said there is not a single patch that can be applied for Spectre and mitigation efforts will require ongoing efforts. He said Spectre attacks do not rely on a specific feature of a single

read more ...

What our
Clients say

Product Finder

Search for products that match of these criteria:

 + Add row
System Diagnostic

  • Do you have five or more computers?
  • Do you have a server?
  • Is your data critical to your business?
  • Do you think IT could perform better?
  • Are you concerned about your IT security?
  • Do you need to be kept up to date?
  • Would you like your IT maintained?
Product Finder

Search for products that match of these criteria:

 + Add row



Phone:07 3480 5121

Address: 8 - 37 Flinders Parade, North Lakes

QLD 4509 Australia

Post: PO Box 128, Burpengary

QLD 4505 Australia