34985268250
academy
Security
Privacy
Performance
English

What Are Meltdown and Spectre?

Originally discovered in June 2017 and still plaguing us today, Meltdown and Spectre are two of the world’s most widespread hardware vulnerabilities. Meltdown and Spectre affect computers, phones, tablets, wearables, cloud servers, and more. Find out what you can do right now to guard yourself against these catastrophic cracks in digital security.

PC-editors-choice-icon
2023
Editors' choice
AV-Test-Top-product-icon
2022
Top Rated
Product
What_are_Meltdown_and_Spectre-Hero
Written by Nica Latto
Published on September 17, 2020

What are the Meltdown and Spectre vulnerabilities?

Meltdown and Spectre are hardware vulnerabilities created by accident during the design of CPUs (central processing units), and they affect nearly every computer processor in use today. Essentially the brains of your devices, CPUs do the “thinking” and “doing” behind computing — that is, they execute the commands you give and keep your programs running.

Hamburguer menu icon

This Article Contains :

    Meltdown and Spectre can be exploited to let hackers read your processor’s “mind” while it's “thinking,” allowing the theft of your private data such as passwords, banking info, photos, sensitive documents, and more.

    The vulnerable CPUs — made by Intel and others — are found in a variety of devices, from computers and smart devices to machinery and servers. In fact, there’s a strong possibility that you own at least one device (if not more) that is affected by this Intel chip security flaw. Since their discovery, the pervasiveness of these security flaws have shocked the cybersecurity world, and analysts and developers are still reeling.

    Meltdown and Spectre are hardware vulnerabilities created by accident during the design of CPUs, and they affect nearly every computer processor in use today.

    Though discovered together, Meltdown and Spectre are actually two separate hardware security vulnerabilities that function a little differently.

    Meltdown

    In most devices, the programs and operating system (OS) are “sandboxed,” meaning that applications are separated — that is, they can’t access one another’s data or break into the OS. Meltdown, officially known as CVE-2017-5754 by the Standard for Information Security Vulnerability Names, “melts” the walls that traditionally exist between applications and the OS. The Meltdown vulnerability affects Intel, Apple, and some IBM and ARM CPUs.

    Spectre

    Spectre, which takes its name from its use of speculative execution, tricks processors into executing commands that would traditionally be out of their scope, allowing hackers access to private data stored in other programs’ memory. Known officially as CVE-2017-5753 and CVE-2017-5715, Spectre is both harder to exploit and harder to patch or mitigate than Meltdown. The Spectre vulnerability affects Intel, Apple, ARM, AMD, and IBM CPUs.

    How many individual variants are there?

    So far, researchers have identified 13 Spectre variants and 14 Meltdown variants. More recently discovered Spectre variants are referred to as Spectre-NG (next generation). Because the vulnerabilities are design flaws, they can only truly be fixed by a hardware redesign. Unfortunately, it’ll take a long time for Intel and other chip manufacturers to completely alter their designs and roll them out.

    What are the risks?

    The main risk of both Meltdown and Spectre is the theft of private data. This can be especially dangerous when you consider that the vulnerabilities can be exploited on computers, tablets, mobiles, smart devices, cloud servers, and more. Meltdown and Spectre could affect millions of people, as well as nonprofits and businesses, including healthcare organizations.

    That means cybercriminals could exploit Meltdown or Spectre to wreak havoc around the world on a scale similar to that seen with the WannaCry strain of ransomware. Understandably, cybersecurity researchers are quite concerned.

    To avoid vulnerabilities, exploits, and malware of all kinds, it’s critically important to make sure you have a robust cybersecurity defense. Avast One detects and blocks viruses and other malware, using machine learning and AI to stop threats before they reach you. And our Smart Scan feature will help you find and fix any cracks in your security, from unsafe settings and passwords to outdated software. Download it today to ensure that your devices and important files are wrapped in an extra layer of critical protection.

    How were the vulnerabilities discovered?

    Meltdown and Spectre were discovered and reported by researchers from Google Project Zero, Cyberus Technology, Graz University, and other universities. The history of the vulnerabilities can actually be traced back 20 years, but (by crazy coincidence) they were discovered by several independent researchers at nearly the same time.

    How do Meltdown and Spectre work?

    Understanding how Meltdown and Spectre work first requires some basic knowledge about the design of CPUs (recall that Central Processing Units are the “brains” of your devices).

    CPUs execute all the commands that make applications work on your device. In the past, clock speed determined how fast processors were able to run. The two main processor manufacturers, Intel and AMD, were neck and neck in the race to increase clock speed. When they eventually couldn’t increase clock speeds any further, they turned to developing new ways to process data and commands even faster — and that’s how speculative execution and out-of-order execution were developed.

    Speculative execution

    Speculative execution increases processing speeds by having the CPU guess, or speculate, which process or steps will come next. Sometimes the CPU guesses correctly, but sometimes it doesn’t. That means that the CPU sometimes loads part of a program or snippet of code and then later discards it when the guess is wrong and a different command comes up.

    The Spectre vulnerability allows a hacker to exploit this predictive (speculative) process and break in and deploy malware that steals data by looking at which commands are coming next and reading the stored memory involved in those future processes. Not only that, Spectre can also access data that was loaded speculatively and then discarded, which can sometimes include sensitive information such as banking details or passwords.

    Out-of-order execution

    Like its speculative counterpart, out-of-order execution (or dynamic execution) allows CPUs to “think” ahead. Instead of waiting to complete all instructions in a traditional, linear order, out-of-order execution lets chips execute whichever commands are possible at a given time, regardless of any order.

    The Meltdown and Spectre vulnerabilities exploit the predictions and timings that CPUs use to increase clock speed through speculative and out-of-order execution.The Meltdown and Spectre vulnerabilities exploit the predictions and timings that CPUs use to increase clock speed through speculative and out-of-order execution.

    What products are most at risk?

    Because Meltdown and Spectre are security flaws in CPUs, or chips, they affect a wide array of tech products. In particular, they’re found in chips from Intel, AMD, IBM, and ARM. As such, Meltdown and Spectre affect a wide variety of personal and business devices — in fact, almost every computer in the world is vulnerable.

    Intel

    Intel chips are vulnerable to both Meltdown and Spectre. While Intel developers quickly released software patches to try to plug the holes, some of the patches actually caused other issues. Updated patches have since been released, but until there are fundamental changes in CPU hardware design, similar vulnerabilities could be discovered. Unfortunately, new chip designs could take years. Intel chips are found in devices sold by Apple, Lenovo, HP, Dell, and others.

    AMD

    AMD chips are vulnerable to Spectre, but not Meltdown (due to their use of privilege level protections within paging architecture). AMD CPUs are found in products sold by Acer, Ryzen, Threadripper, Epyc, and others.

    IBM

    While IMB doesn’t make consumer CPUs anymore, they do make microprocessors used in servers, supercomputers, and data storage devices. IBM is affected by both Meltdown and Spectre.

    ARM

    ARM doesn’t manufacture their own chips, but they do license the architecture to other companies. So their CPU design can be found in products made by Samsung, MediaTek, Qualcomm, and others. Some ARM-based microprocessors are vulnerable to both Meltdown and Spectre.

    How will I know if my device is threatened?

    The Meltdown and Spectre vulnerabilities extend to such a wide array of devices that you almost certainly are threatened. But it’s worth noting that cybersecurity researchers have yet to detect either vulnerability exploited in the wild. After researchers discovered the vulnerabilities (and coded their proof of concept), Intel and others began working on patches immediately.

    Additionally, because Meltdown and Spectre don’t leave behind logs in the way that traditional malware does, it would be quite hard to detect if you’ve been a victim of either vulnerability. While your devices almost certainly contain the Meltdown and Spectre vulnerabilities, it’s unlikely that you’ve been attacked. And luckily, there are some things you can do to prevent ever falling victim to these wicked security flaws.

    How to protect against Meltdown and Spectre

    Because Meltdown and Spectre are hardware security vulnerabilities, not actual malware, they can’t be prevented by antivirus software. Instead, the best way to protect against them is to keep all of your devices, systems, and browsers updated. Several patches (security fixes) have already been issued in updates aimed at guarding against Meltdown and Spectre.

    Protect yourself against vulnerabilities by keeping all of your devices, systems, and browsers updated and using robust antivirus software.Protect yourself against vulnerabilities by keeping all of your devices, systems, and browsers updated and using robust antivirus software.

    As with any security vulnerability, the main danger isn’t the flaw itself, but what cybercriminals can do with it. Specifically, hackers exploit vulnerabilities to deploy malware and viruses on your system. So the best way to stay protected against a potential exploit is to use robust antivirus software like Avast One.

    Fight malware that exploits Meltdown, Spectre, and other vulnerabilities

    Although an antivirus program can’t fix a hardware vulnerability, it can protect against malware. And ultimately, malware is the issue here — the main concern about these security flaws is the potential for hackers and other bad actors to exploit them and deploy malware and steal data.

    Luckily, you can protect yourself against all that malfeasance with strong antivirus software, like Avast One. Our Smart Scan feature identifies potential security issues such as unsafe settings, weak passwords, suspicious add-ons, and outdated software, so you can easily shore up your digital defenses. Not only that, Avast One provides 24/7 protection and will detect and block all kinds of malware before it can wreak havoc on your system.

    Get Avast One for iPhone to help block hackers and malware

    Free install

    Get Avast One for Android to help block hackers and malware

    Free install
    Hacking
    Security
    Nica Latto
    17-09-2020