News
How to survive Meltdown and Spectre
ESET has found new vulnerabilities called Spectre and Meltdown that affect almost all Intel, AMD and ARM processors, allowing hackers to access a computer’s memory.
ESET says it is one of the few third-party security solutions already compatible with Microsoft’s emergency patches, released on 3 January, for vulnerabilities called Spectre and Meltdown that affect almost all Intel, AMD and ARM processors.
Many types of computing devices, with many different vendors’ processors and operating systems are susceptible. Apple’s iPhones, iPads and Mac computers are all vulnerable.
The vulnerabilities affect the microprocessors in the majority of the world’s computers, including mobile devices and cloud networks, and can allow hackers to access the entire contents of a computer’s memory.
The Spectre and Meltdown vulnerabilities are bi-products of optimization techniques designed to increase the performance of modern processors.
These techniques are called “out-of-order” and “speculative” execution. They allow the processor to make better use of time it would have to spend waiting unnecessarily before executing the next instruction to pre-compute further results which may or may not be used in the execution flow.
These pre-computed results, if not used, are discarded – but, as researchers have shown, there are side-effects left by such precomputation which are not disposed of thoroughly enough and can sometimes be leaked to the potential attacker.
As stated by the authors of the papers describing the vulnerabilities, there are theoretical ways antivirus could detect the problem. However, detection would have an extremely negative impact on the device’s performance and significantly influence user experience; it would be a less effective approach than prevention. Therefore, we recommend that ESET users keep track of any related patches for their systems and apply them as soon as possible.
While ESET protects against potential malware infection, it says users should also take these steps to securecomputers and data:
· Make sure your browser is up to date. For Chrome or Firefox users:
o Mozilla has released information describing their response, including how Firefox 57 will address these security flaws.
o Google has stated, “Chrome 64, due to be released January 23, will contain mitigations to protect against exploitation.” In the meantime, you can enable “Site Isolation” found in current stable versions of Chrome to provide better protection.
· Make sure you update your ESET software, then update your Windows OS to protect against this exploit. To update ESET:
ESET Home products (NOD32 Antivirus, Internet Security, Smart Security Premium)
o ESET Business products (Endpoint Antivirus, Endpoint Security, File and Mail Security and Virtualization Security)
· Customers should review ESET’s Knowledgebase article for important updates.
· If you have a cloud-based server or have a website hosted by hosting provider, check to see what mitigations they have implemented already to prevent Meltdown.
Here is a list of affected vendors and their respective advisories and/or patch announcements: