{"id":10061,"date":"2018-01-04T05:35:01","date_gmt":"2018-01-04T10:35:01","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/copy-of-two-severe-vulnerabilities-found-in-intels-hardware\/10061\/"},"modified":"2018-03-22T17:37:59","modified_gmt":"2018-03-22T13:37:59","slug":"two-severe-vulnerabilities-found-in-intels-hardware","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/10061\/","title":{"rendered":"Two severe vulnerabilities found in Intel&#8217;s hardware"},"content":{"rendered":"<p>Two severe <a href=\"https:\/\/securelist.com\/threats\/vulnerability-glossary\/?utm_source=kdaily&amp;utm_medium=blog&amp;utm_campaign=termin-explanation\" target=\"_blank\" rel=\"noopener\">vulnerabilities<\/a> have been <a href=\"https:\/\/www.theregister.co.uk\/2018\/01\/02\/intel_cpu_design_flaw\/\" target=\"_blank\" rel=\"noopener nofollow\">discovered<\/a> in Intel chips, either of which could enable attackers to seize sensitive information from apps by accessing the core memory. The first vulnerability, Meltdown, can effectively remove the barrier between user applications and sensitive parts of the operating system. The second vulnerability, Spectre, also found in AMD and ARM chips, can trick vulnerable applications into leaking their memory contents.<\/p>\n<p><a href=\"https:\/\/me-en.kaspersky.com\/blog\/files\/2018\/03\/intel-vulnerabilities-featured1.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-10072\" src=\"https:\/\/me-en.kaspersky.com\/blog\/files\/2018\/03\/intel-vulnerabilities-featured1.jpg\" alt=\"Meltdown and Spectre: vulnerabilities that threaten almost every device on Intel processors with AMD and ARM being affected by the second one as well.\" width=\"1460\" height=\"958\"><\/a><\/p>\n<p>Applications installed on a device generally run in \u201cuser mode,\u201d away from the more sensitive parts of the operating system. If an app needs access to a sensitive area, for example the underlying disk, network, or processing unit, it needs to ask permission to use \u201cprotected mode.\u201d In Meltdown\u2019s case, an attacker could access protected mode and the core memory without requiring permission, effectively removing that barrier \u2014 and enabling them to potentially steal data from the memory of running apps, such as data from password managers, browsers, e-mails, and photos and documents.<\/p>\n<p>In practical terms, that means arbitrary memory can be read using Meltdown. This can include passwords, encryption keys, logins, credit card information, and much more. With Spectre, on the other hand, the memory of a (vulnerable) application can be read. So for example, if you visit a website, JavaScript code on the website can read the logins and passwords that are stored in your browser\u2019s memory.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Using <a href=\"https:\/\/twitter.com\/hashtag\/Meltdown?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Meltdown<\/a> to steal passwords in real time  <a href=\"https:\/\/twitter.com\/hashtag\/intelbug?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#intelbug<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/kaiser?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#kaiser<\/a> <a href=\"https:\/\/twitter.com\/hashtag\/kpti?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#kpti<\/a> \/cc <a href=\"https:\/\/twitter.com\/mlqxyz?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@mlqxyz<\/a> <a href=\"https:\/\/twitter.com\/lavados?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@lavados<\/a> <a href=\"https:\/\/twitter.com\/StefanMangard?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@StefanMangard<\/a> <a href=\"https:\/\/twitter.com\/yuvalyarom?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@yuvalyarom<\/a> <a href=\"https:\/\/t.co\/gX4CxfL1Ax\" target=\"_blank\" rel=\"noopener nofollow\">https:\/\/t.co\/gX4CxfL1Ax<\/a> <a href=\"https:\/\/t.co\/JbEvQSQraP\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/JbEvQSQraP<\/a><\/p>\n<p>\u2014 Michael Schwarz (@misc0110) <a href=\"https:\/\/twitter.com\/misc0110\/status\/948706387491786752?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">January 4, 2018<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Meltdown and Spectre are hardware bugs, so patching can be quite tricky. <a href=\"https:\/\/meltdownattack.com\/#faq-fix\" target=\"_blank\" rel=\"noopener nofollow\">Patches<\/a> against Meltdown have been issued for Linux, Windows, and MacOS, but work is still on the way to harden applications against <a href=\"https:\/\/spectreattack.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Spectre<\/a>. You can find more information <a href=\"https:\/\/meltdownattack.com\/\" target=\"_blank\" rel=\"noopener nofollow\">here<\/a>.<\/p>\n<p><strong>In the meantime it is important, as always, to install the latest security updates as soon as they\u2019re available<\/strong>, because it won\u2019t take long for malefactors to start exploiting these vulnerabilities \u2014 the sample code has already been published.<\/p>\n<h3>Kaspersky Lab\u2019s products compatibility with Microsoft Windows Security update<\/h3>\n<p>As operating system vendors rushed to patch Meltdown, they published security updates on January 3 that turned out to be incompatible with a lot of security solutions, causing either some features of those solutions not to work properly or OS freezes and reboots.<\/p>\n<p>Good news: Both business and consumer solutions from Kaspersky Lab are fully compatible with this update. Microsoft delivers the update only if the system is flagged as ready, and from our side, the readiness flag has been included in the updates that were delivered on December 28, 2017. If your antivirus databases are up to date, then your computer is ready to receive the Windows update that fixes Meltdown. If you haven\u2019t received it yet, you soon will, and we strongly recommend you install it as soon as possible.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Meltdown and Spectre: the two vulnerabilities that threaten every device on Intel, AMD or ARM processors<\/p>\n","protected":false},"author":423,"featured_media":10072,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5],"tags":[1613,1614,1615,1616,268,258],"class_list":{"0":"post-10061","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"tag-hardware","9":"tag-intel","10":"tag-meltdown","11":"tag-spectre","12":"tag-vulnerabilities","13":"tag-vulnerabilties"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/10061\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/12094\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/5538\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/14326\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/12551\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/12272\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/15077\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/14880\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/19454\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/4586\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/20620\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/9978\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/two-severe-vulnerabilities-found-in-intels-hardware\/8725\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/15595\/"},{"hreflang":"zh","url":"https:\/\/www.kaspersky.com.cn\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/9096\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/two-severe-vulnerabilities-found-in-intels-hardware\/19170\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/19293\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/two-severe-vulnerabilities-found-in-intels-hardware\/19280\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/vulnerabilties\/","name":"vulnerabilties"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/10061","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/423"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=10061"}],"version-history":[{"count":16,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/10061\/revisions"}],"predecessor-version":[{"id":10753,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/10061\/revisions\/10753"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/10072"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=10061"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=10061"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=10061"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}