Get a demo
Voyager18 (research)

Fixing the Intel Spectre CPU Vulnerability

The Spectre and Meltdown vulnerabilities are back. Variations of a vulnerability affecting most modern microprocessors now have a published exploit. Use Remedy Cloud for the remedies you need to get fix done.

Gal Gonen | March 08, 2021

Years ago, when we published our article about the Spectre and Meltdown vulnerabilities, a remote attack called NetSpectre had just been discovered and published, alerting the cyber security world that a Spectre attack could occur without any local code execution or access. Several years later, we’re still not finished with the threats posed by Spectre.

Using remediation intelligence provided by Vulcan’s VulnRX,  we’ll discuss what you need to know about the Intel Spectre vulnerability and elaborate on what’s happened recently for these older vulnerabilities to demand our attention again.

What Is the Intel Spectre Vulnerability?

The Intel vulnerability Spectre is a weakness in modern processors that makes it possible for an exploit to gain access to hidden data stored in memory. Spectre can affect any kind of computer using a modern processor—meaning anything produced later than 1995. This includes desktop computers, laptops, tablets, smartphones, and cloud-based systems.

Before this vulnerability, it was believed to be impossible for one program to read the protected data from another, but Spectre can breach this layer of protection, leaking sensitive data like passwords—or virtually anything being processed.

Spectre was first discovered in late 2017. It raised countless questions about its exploitability and potential impact. At that time, an exploit was published, but it was not proven that the exploit was actually used. No breach or incident was discovered that leveraged it, and it was unclear how it could be exploited remotely.

This vulnerability is called “Spectre” because it operates based on speculative execution. When it breaches communication between a program and operating software, it is ghost-like—it cannot be seen. As one can imagine, it is difficult to stop something you can’t see, which is largely the problem with Spectre. 

How Can It Affect You?

Essentially every modern platform and operating system is at risk from the Spectre vulnerability, including Intel, AMD, and ARM processors. The differences from one operating system or device to the next is largely dependent on the ability to create and release patches and updates quickly, as soon as new potential exploits are discovered.

In addition to the potential dangers of a Spectre exploit, patches can also impact you with a drop in performance. This is more significant for older devices and operating systems.

It is difficult to fully protect any system from Spectre because it isn’t software-based like virtually every other form of malware. Since it is a hardware flaw, protection requires system updates that make it more difficult to attack—there isn’t a 100% cure.

Has This Vulnerability Been Actively Exploited in the Wild?

The first weaponized exploit for the Spectre CPU vulnerability was uploaded on VirusTotal, allowing us to glimpse the potential impact the exploit could have.

This is a wakeup call to the entire industry. For a very long time, vulnerabilities were mostly software-based weaknesses, while this new exploitable vulnerability shifts the focus to an entirely new spectrumhardware-based vulnerabilities.

This vulnerability, along with its working exploit and the Meltdown bug, forces hardware producers to rethink everythingfrom chip design to implementation; it’s no longer just about performance. 

Nearly everything about this vulnerability is theoretical because we’ve learned a great deal about what is vulnerable and how to respond with patches and updates, but we don’t know whether it has actually been used against anyone. But that’s what makes this vulnerability so insidious—how do you detect a phantom menace that operates with ghost-like invisibility?

Years after the discovery and publication of this initial vulnerability, there are new signs that it could be weaponized and not just a proof of concept. 

This discovery has increased the potential risk. While this is still primarily a local exploit, the NetSpectre study proved it can be performed remotely. This makes it a multi-step attack that takes more effort to pull off, but it is possible. But patching the vulnerability could have a performance impact, so we recommend testing the implications before applying the patch. That said, there are a few workaround options that can mitigate this vulnerability.

How to Fix the Spectre Vulnerability 

Because this vulnerability is so far-reaching, impacting so many products and different operating systems, there are many different solutions, including the following:

  • Stay current on any system patches and updates.
  • Coordinate with your system security expert to see if there are system BIOS updates that need to be made.
  • Apply firmware updates for your smartphone devices.
  • Stay up-to-date on any issues that involve your cloud computing services or cloud services you interact with.
  • Use the most current software and hardware that your budget provides since patches and updates can negatively affect the performance of older systems the most.

Let Vulcan Help

Let us help you find the fixes you need for this vulnerability in VulnRX, the world’s largest FREE database of vulnerability remedies and fixes. There, you’ll find workarounds for Linux and Windows, along with numerous advisories since it is a multi-platform vulnerability. Discover the actions and steps needed to start protecting your business from the Spectre vulnerability.

Protect your systems from vulnerabilities with our Vulcan Cyber vulnerability remediation orchestration platform. Questions? Get in touch. Or, try Vulcan Enterprise for 30 days.

Free for risk owners

Set up in minutes to aggregate and prioritize cyber risk across all your assets and attack vectors.

"Idea for an overwhelmed secops/security team".

Name Namerson
Head of Cyber Security Strategy

strip-img-2.png

Get rid of silos;

Start owning exposure risk

Test drive the leader in exposure risk management