Meltdown and Spectre, two recently disclosed security flaws, affect chipsets from leading semiconductor manufacturers including Intel, AMD and mobile chip design ARM. These security flaws put devices manufactured nearly 20 years ago at a potential risk where an attacker can gain access to low-level kernel memory that is normally protected from higher programs and user access.
Spectre, a security flaw that affects chips made by Intel, AMD and ARM Holdings, was discovered by Google’s Project Zero team and it still remains unknown with researchers suggesting it will be difficult to exploit. Meltdown security flaw, on the other hand, has a wider implications, with the flaw affecting devices using Intel chipsets in particular. The flaw revealed on Monday affects most Intel processors manufactured since 1995.
Meltdown was discovered by 31-year-old information security researcher Daniel Gruss, who is also a post-doctoral fellow at Austria’s Graz Technical University. He says the ability to breach CPU’s kernel memory, which is protected and inaccessible to users, was only theoretically possible. However, Gruss wanted t to check whether it is practically possible and hacked his own computer to discover the critical flaw. He says he didn’t sleep much the night he exposed the security flaw in chip design.
Gruss say he discovered the flaw by unlocking his personal data that is generally secured with the help of kernel memory. “When I saw my private website addresses from Firefox being dumped by the tool I wrote, I was really shocked,” Gruss told Reuters.
Gruss and his colleagues Moritz Lipp and Michael Schwartz worked from their homes on a weekend in early December and messaged each other to verify the result. “We sat for hours in disbelief until we eliminated any possibility that this result was wrong,” said Gruss.
Gruss and his colleagues accidentally discovered a flaw that can be deemed the worst CPU bug ever. Gruss adds that it is not easy to detect whether the flaw has been exploited by any attacker since it does not leave any trace in the log files.
The discovery of Meltdown, first reported by The Register, has been known to key security researchers for nearly six months and both chip manufacturers and software makers scrambled to issue bug fixes and patch the vulnerability with software. The software developers issue a patch further came to light when Linux developers started separating kernel memory from user memory and changed the current state of kernel page-table isolation.
Intel has acknowledged the flaw and has confirmed that it is working with its peers including AMD and ARM and software makers Apple and Microsoft to patch the issue. Microsoft rolled out a security patch on Wednesday that automatically gets downloaded on Windows 10 while Apple has also issued fix with macOS 10.13.2.
Since the fix is basically a mitigating step involving software update for an hardware flaw, reports suggest it will lead to performance slowdown in some devices. Intel denies drop in CPU performance but for the time being most OEMs and software developers are relying on Gruss and his team’s finding to defend any attempts to steal critical information by exploiting the Meltdown bug.