
Spectre & Meltdown

by Steve Tilson
January 5, 2018

A compromised processor is one of the most serious attack vectors on all Microsoft, Apple and Linux systems. The recently discovered hardware bugs known as Spectre and Meltdown affect modern processors and expose information held in system memory. The Spectre & Meltdown dashboard provides insight into which systems are affected by these new vulnerabilities.

The new bugs are considered "side channel attacks" because they use side channels to obtain information from the accessed memory location. Spectre allows an application to force another application to access arbitrary portions of that other application's allocated memory, which can then be read through a side channel. The attack relies on speculative execution, a technique that high-speed processors use to increase performance by guessing likely future execution paths and preemptively executing the instructions in them. Spectre takes advantage of this behavior and affects all modern processors capable of keeping instructions in flight.

Memory isolation is a cornerstone of security and is what allows multiple processes to run on a device. The Meltdown bug overcomes memory isolation, allowing any application to access all system memory, including memory allocated to the kernel. The side channel is a side effect of out-of-order execution, which processors use as a performance enhancement. Meltdown specifically affects every Intel processor on all desktop, laptop and cloud computers except Intel Itanium and Intel Atom before 2013.

Tenable.io enables an organization to better manage risk exposure by providing information on all outstanding patches for each operating system, and assigning a criticality to each vulnerability found. This information can assist infrastructure and security teams at all levels in targeting systems that have a higher probability of being compromised.

This dashboard contains the following components:

Spectre & Meltdown - Missing Patches: The Spectre & Meltdown Missing Patches table provides a summary of the top vulnerabilities related to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. The summary includes the Plugin ID used, Name, Severity and Total found.

Spectre & Meltdown - Missing Patches by Plugin Family: The Spectre & Meltdown Missing Patches by Plugin Family matrix provides indicators by plugin family of vulnerabilities related to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. This information helps to determine the operating systems that are most vulnerable based on their current patching.

Verizon DBIR - Vulnerabilities with Patches Published Over 1 Year Ago: The Vulnerabilities with Patches Published Over 1 Year Ago pie chart provides a quick snapshot of the older vulnerabilities in the organization. The vulnerabilities in the pie chart have patches that were published over one year ago.

Cyber Essentials Scheme - Vulnerabilities by Patch Published Date: The Vulnerabilities by Patch Published Date matrix provides counts of vulnerabilities with patches that have been published in the specified date ranges.
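
The first two components (Missing Patches and Missing Patches by Plugin Family) can be approximated offline from exported scan findings. The script below is an added example, not Tenable's code; the CSV column names, plugin IDs, plugin names and hosts are constructed for illustration and do not reflect a real Tenable.io export format.

```python
import csv
import io
from collections import Counter, defaultdict

# The three CVEs the dashboard filters on (Spectre variants 1 and 2, Meltdown).
TARGET_CVES = {"CVE-2017-5753", "CVE-2017-5715", "CVE-2017-5754"}

# Constructed export: column names, plugin IDs, names and hosts are all made up.
SAMPLE_EXPORT = """plugin_id,name,severity,family,cves,host
900001,Constructed Windows January update,High,Windows : Microsoft Bulletins,CVE-2017-5753;CVE-2017-5715;CVE-2017-5754,10.0.0.5
900001,Constructed Windows January update,High,Windows : Microsoft Bulletins,CVE-2017-5753;CVE-2017-5715;CVE-2017-5754,10.0.0.6
900002,Constructed RHEL kernel update,High,Red Hat Local Security Checks,CVE-2017-5754,10.0.0.7
900003,Constructed browser update,Medium,Windows,CVE-2017-5753,10.0.0.5
900004,Constructed unrelated finding,Critical,Web Servers,CVE-0000-0000,10.0.0.8
900005,Constructed finding without a CVE,Low,General,,10.0.0.8
"""

def load_findings(text):
    """Parse the export and keep only findings tied to a target CVE."""
    findings = []
    for row in csv.DictReader(io.StringIO(text)):
        row["cves"] = {c.strip().upper() for c in row["cves"].split(";") if c.strip()}
        if row["cves"] & TARGET_CVES:
            findings.append(row)
    return findings

def missing_patches_table(findings):
    """Rows of (plugin ID, name, severity, total), highest total first."""
    totals, meta = Counter(), {}
    for f in findings:
        totals[f["plugin_id"]] += 1
        meta[f["plugin_id"]] = (f["name"], f["severity"])
    return [(pid, *meta[pid], total) for pid, total in totals.most_common()]

def family_matrix(findings):
    """Per plugin family, count findings for each target CVE."""
    matrix = defaultdict(lambda: dict.fromkeys(sorted(TARGET_CVES), 0))
    for f in findings:
        for cve in f["cves"] & TARGET_CVES:
            matrix[f["family"]][cve] += 1
    return dict(matrix)

if __name__ == "__main__":
    found = load_findings(SAMPLE_EXPORT)
    for row in missing_patches_table(found):
        print(*row, sep=" | ")
    for family, counts in family_matrix(found).items():
        print(family, counts)
```

A family whose row shows counts for only one of the three CVEs is a prompt to check whether the remaining updates for that platform have been released or scanned for yet.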

Category: Analyze