In this article we'll summarize and keep track of some of the key aspects of the Meltdown issue, analyzing the case objectively and without too much drama.
What is "Meltdown"?
Meltdown is a design flaw in most modern x86 processors. It broadly affects Intel processors manufactured in the last decade and beyond, which means a huge number of desktop, mobile and server platforms.
The design flaw might break a key security mechanism in CPUs, on which modern operating systems critically rely.
This mechanism is responsible for isolating the software applications running under one operating system from each other and for protecting their data.
In simple terms, the issue can allow one application to read parts of the data of another application.
How dangerous is it?
At the moment Meltdown is explained in theory and proven in practice on multiple CPUs and on multiple modern operating systems such as Windows, Mac OS and Linux.
So far there is no known malware using this exploit.
Who is at risk?
Theoretically, everyone. In terms of risk, attack surface and severity, though, the first priority is service-provider servers such as web hosting servers, container services, VPS providers and other multi-tenant services that share an operating system kernel.
Who is not at risk?
As the flaw is hardware dependent and widespread, it cannot be said that anyone is fully safe.
So far there is no expectation or information that the issue can be used across hardware-virtualized machines. The issue occurs at the operating system kernel level, so it affects security within the domain of one operating system or of shared-kernel containerization.
Should we accept software updates?
In general - Yes.
At the moment the issue is public, and although it is not yet used in malicious software such as viruses, this is a matter of time.
Although widespread reports say the updates can slow down your machine, at the moment it is important to limit the security risk.
The performance drawback is not widely noticeable and will improve with the next updates.
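After installing updates on a Linux machine, you can confirm that the kernel reports a Meltdown mitigation. The script below is an added example, not part of the original article; it assumes the kernel's sysfs vulnerability report (present in Linux 4.15 and later and in distribution backports), and the function names are illustrative.

```python
#!/usr/bin/env python3
"""Report whether this Linux kernel has a Meltdown mitigation active."""
import sys
from pathlib import Path

# Kernel-provided status file; absent on kernels without the reporting interface.
SYSFS_MELTDOWN = Path("/sys/devices/system/cpu/vulnerabilities/meltdown")


def classify(status):
    """Map the kernel's status string to (state, action_needed)."""
    lowered = status.strip().lower()
    if lowered.startswith("not affected"):
        return ("not_affected", False)
    if lowered.startswith("mitigation"):
        return ("mitigated", False)
    if lowered.startswith("vulnerable"):
        return ("vulnerable", True)
    # Empty or unrecognised text: flag for attention instead of assuming safety.
    return ("unknown", True)


def read_status(path=SYSFS_MELTDOWN):
    """Return the raw status text, or None when the file cannot be read."""
    try:
        return Path(path).read_text(encoding="ascii", errors="replace")
    except OSError:
        return None


def check(path=SYSFS_MELTDOWN):
    """Classify this machine; a missing status file is reported as 'unreported'."""
    raw = read_status(path)
    if raw is None:
        # No report available (older kernel or not Linux): needs a manual look.
        return ("unreported", True)
    return classify(raw)


if __name__ == "__main__":
    state, action_needed = check()
    print(f"meltdown: {state}")
    # Non-zero exit lets a fleet-wide job collect hosts that still need updates.
    sys.exit(1 if action_needed else 0)
```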
What is the risk?
Malicious software could steal data from another application running on the same computer.
A popular example is malware stealing stored passwords from another application, such as your browser. Although this is used as an example in the initial papers describing the issue, the risk exists whenever passwords are kept in plain text for a long time, as with passwords stored in web browsers.
A more interesting scenario is whether malware can use "Meltdown" to steal other sensitive data. At the moment the Meltdown mechanism works comparatively slowly and relies on severe race conditions, which means it requires good and precise timing. For applications that store passwords in plain text only temporarily, like most applications where you log in, the risk is still there, but at the moment it is moderately to very hard to exploit.
Why all the panic?
The issue is a major design flaw. The worst part is that although it is considered a hardware issue, it is tightly connected with the operating system kernel and will require fixes at both the software and hardware levels in the future. The panic comes from the uniqueness of the issue.
We'll keep updating this article with more information on the Meltdown issue.