Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Spectre & Meltdown

by Steve Tilson
January 5, 2018

A compromised processor is one of the most serious attack vectors on all Microsoft, Apple and Linux systems. The recently discovered hardware bugs known as Spectre and Meltdown affect modern processors uniquely by accessing information found in system memory. The Spectre & Meltdown dashboard can provide insight to which systems are affected by the new vulnerability.

The new bugs are considered "side channel attacks" since they use side channels to obtain the information from the accessed memory location. Spectre allows an application to force another application to access arbitrary portions of that other application's allocated memory, which can then be read through a side channel. This unique side channel attack is done by speculative execution, a technique used by high-speed processors in order to increase performance by guessing likely future execution paths and preemptively executing the instructions in them. Spectre takes advantage of this execution and affects all modern processors capable of keeping instructions in flight.

Furthermore, memory isolation is a cornerstone of security and the environment that allows multiple processes to be run on a device. The Meltdown bug allows any application to access all system memory including memory allocated to the kernel, and overcomes the memory isolation. The unique side channel attack is one side effect caused by out-of-order execution that is used as a performance enhancement for processors. Meltdown specifically affects every Intel processor on all desktop, laptop and cloud computers except Intel Itanium and Intel Atom before 2013.

Tenable.io enables an organization to better manage risk exposure by providing information on all outstanding patches for each operating system, and assigning a criticality to each vulnerability found. This information can assist infrastructure and security teams at all levels in targeting systems that have a higher probability of being compromised.

This dashboard contains the following components:

Spectre & Meltdown - Missing Patches: The Spectre & Meltdown Missing Patches table provides a summary of the top vulnerabilities related to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. The summary includes the Plugin ID used, Name, Severity and Total found.

Spectre & Meltdown - Missing Patches by Plugin Family: The Spectre & Meltdown Missing Patches by Plugin Family matrix provides indicators by plugin family of vulnerabilities related to CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754. This information helps to determine the operating systems that are most vulnerable based on their current patching.

Verizon DBIR - Vulnerabilities with Patches Published Over 1 Year Ago: The Vulnerabilities with Patches Published Over 1 Year Ago pie chart provides a quick snapshot of the older vulnerabilities in the organization. The vulnerabilities in the pie chart have patches that were published over one year ago.

Cyber Essentials Scheme - Vulnerabilities by Patch Published Date: The Vulnerabilities by Patch Published Date matrix provides counts of vulnerabilities with patches that have been published in the specified date ranges.