agsandrew - stock.adobe.com
The flaws allowed data on chips to be read as a result of the speculative execution processes used by the chips to anticipate what users are likely to do next to speed up performance.
According to the US computer emergency readiness team (Cert), Variant 4 is a vulnerability that exploits “speculative bypass”.
When exploited, Variant 4 could allow an attacker to read older memory values in a central processing unit’s (CPU’s) stack or other memory locations.
While implementation is complex, the US Cert said this side-channel vulnerability could allow less privileged code to read arbitrary privileged data and run older commands speculatively, resulting in cache allocations that could be used to exfiltrate data by standard side-channel methods.
The US Cert also mentions Variant 3a, which is another newly discovered vulnerability that may allow an attacker with local access to speculatively read system parameters through side-channel analysis and obtain sensitive information.
Variant 4 was disclosed by security researchers at Microsoft and Alphabet’s Google, and although the flaw affects many chips from Intel, Advanced Micro Devices (AMD) and Softbank Group’s ARM Holdings, researchers described the risks as low.
Although exploitation of the flaw would allow unauthorised read access to memory on almost any modern processor, the risks are reportedly low because the patches for common web browsers issued to address Spectre greatly increase the difficulty of carrying out an attack with the newly discovered flaws, according to Intel and Microsoft researchers.
However, some security commentators have noted that although it would take a local user and some effort to exploit this hole, it is not impossible to do.
Read more about Spectre and Meltdown
- Apple has confirmed that all iPhones, iPads and Mac computers are affected by the Meltdown and Spectre microprocessor exploits as the financial services industry assesses the risk.
- According to the Carnegie Mellon University Software Engineering Institute, Meltdown and Spectre need to be addressed by applying updates and replacing the affected CPU hardware.
- AMD shares rise on news that the performance of millions of Windows PCs, Linux servers and Apple Macs is to be affected by critical updates for a recently discovered security flaw in Intel chips manufactured in the past 10 years.
- Intel advises business customers to apply a security update for some versions of its administration firmware for vPro processors to fix a remote execution flaw.
Chips from Intel, AMD and ARM all have patches available that will be released in the coming weeks that include support for the newly discovered flaws, either directly from the chip makers or through software suppliers such as Microsoft.
Intel said it expects a performance slowdown of between 2% and 8% from the patches, and ARM said it expects a slowdown of between 1% and 2%.
However, Intel said that because of the low risk of an attack, it would ship its patches turned off by default, and AMD advised leaving the patches turned off due to the difficulty of carrying out an attack, according to Reuters.
The security problems do not appear to have impacted chipmakers’ stock prices, the news agency reports, with Intel shares are up nearly 16% since the start of the year to $54.32, and AMD shares up 18.3% to $12.99.
ICO recommends applying updates
Despite chip makers downplaying the risks of the newly discovered flaws, some security experts have recommended that organisations apply hardware and software updates as soon as they are available.
In January 2018, the UK Information Commissioner’s Office (ICO) called on organisations to apply security updates to mitigate against exploits of microprocessor flaws as soon as possible to safeguard personal data.
Failure to apply operating system software updates to mitigate against Meltdown and Spectre could put personal data at risk, the ICO warned.
Mitigation is the best that organisations can do to protect themselves from exploitation of these flaws until all the major chip makers find alternative, more secure ways of boosting chip performance than using speculative execution that has opened the way for a continually growing list of exploits.