Fixing the Spectre CPU Vulnerability
Years ago we published a blog post about the Spectre and Meltdown vulnerabilities, the common variations of a vulnerability built into most modern microprocessors serving many of the machines and computers in the world. Now, three years later, they return to haunt us.
Using remediation intelligence provided by Vulcan Remedy Cloud, this blog post will suggest a workaround for fixing the Spectre vulnerability and elaborate on what’s happened recently for these older vulnerabilities to demand our attention again.
WHAT IS THE SPECTRE VULNERABILITY?
The vulnerability was discovered in late 2017 and raised many questions about its exploitability and potential impact. At that time an exploit was published but it was not proven that the exploit was actually used. No breach or incident was discovered that leveraged it, and it was unclear how it could be exploited remotely.
HAS THIS VULNERABILITY BEEN ACTIVELY EXPLOITED IN THE WILD?
A weaponized exploit for the Spectre CPU vulnerability was uploaded on VirusTotal last month. This was officially the first time we could actually see the potential impact from this vulnerability. This was the first time a working exploit for the vulnerability has entered the public domain.
This vulnerability, along with its working exploit and the Meltdown bug, forces hardware producers to rethink everything – from chip design to implementation – it’s no longer just about performance. This is also a wake up call to the entire industry as for a very-long time vulnerabilities were mostly software-based weaknesses, while this new exploitable vulnerability shifts the focus to an entire new spectrum – hardware-based vulnerabilities.
It’s time for another retrospective on the Spectre vulnerability. Even though it has been three years since the discovery and publication of the vulnerability there are new signs that it could be weaponized, and not just a proof of concept. This new discovery has increased the potential risk. We still need to consider that this is a local exploit, where an attacker would need to gain remote access by other means, making this a multi-step attack. But patching the vulnerability could have a performance impact, so we recommend testing the implications before applying the patch. That said, there are a few workaround options that can mitigate this vulnerability.
HOW DO I REMEDIATE THE SPECTRE VULNERABILITY?
Because this vulnerability is so far reaching and affects so many products and different operating systems, there are many different solutions.
Let us help find the fixes you need for this vulnerability in Remedy Cloud. We have workarounds for Linux and Windows and tons of advisories because it’s an old multi-platform vulnerability. Visit CVE-2017-5753 on Remedy Cloud to discover the actions and steps needed to start protecting your business from the Spectre vulnerability.
You can always get additional remedies and fixes for this vulnerability based on your products, operating system and solution needs with Vulcan Remedy Cloud, the largest, FREE database of vulnerability remedies and fixes in the world.