MELTDOWN VULNERABILITY


People depend more and more on their smartphones, laptops and PCs, and store essential files on them, such as personal images, confidential documents and important passwords. This makes them increasingly vulnerable to external threats: if the information stored on your system is not protected correctly, hackers have more opportunities to access the files on it, including your personal information.

One of the vulnerabilities that can be exploited to access your files is “MELTDOWN VULNERABILITY.” Meltdown is a very recent vulnerability, found in January. It was assigned the Common Vulnerabilities and Exposures ID CVE-2017-5754, also known as Rogue Data Cache Load, in January 2018. The security of computer systems fundamentally relies on memory isolation: for example, kernel address ranges are marked as protected and are not accessible from user space. Meltdown exploits side effects of out-of-order execution on modern processors to read arbitrary kernel memory locations, including personal data and passwords. Meltdown breaks the most fundamental isolation between user applications and the operating system. The attack allows a program to access memory that holds the secrets of other programs and of the operating system.

If your computer has a vulnerable processor or runs an unpatched operating system, there is a high probability of your sensitive information being leaked. Files and data stored in the cloud are not safe from this type of vulnerability either. The processors affected by the Meltdown vulnerability are Intel processors. An attacker exploiting Meltdown can execute code on the target system.

Discovery

The Meltdown vulnerability was discovered very recently, by three independent teams:

  • Jann Horn (Google Project Zero)
  • Werner Haas, Thomas Prescher (Cyberus Technology)
  • Daniel Gruss, Moritz Lipp, Stefan Mangard, Michael Schwarz (Graz University of Technology)

The next question is how to know whether your system is affected by the Meltdown vulnerability. To answer it, follow these steps.

Install the PowerShell module from TechNet ScriptCenter

Go to https://aka.ms/SpeculationControlPS
Download SpeculationControl.zip to a local folder
Extract the contents to a local folder, for example, C:\ADV180002

Run the PowerShell module to validate the protections are enabled

Start PowerShell, then (using the example above) copy and run the following commands:

  • PS > # Save the current execution policy so it can be reset
  • PS > $SaveExecutionPolicy = Get-ExecutionPolicy
  • PS > Set-ExecutionPolicy RemoteSigned -Scope Currentuser
  • PS > CD C:\ADV180002\SpeculationControl
  • PS > Import-Module .\SpeculationControl.psd1
  • PS > Get-SpeculationControlSettings
  • PS > # Reset the execution policy to the original state
  • PS > Set-ExecutionPolicy $SaveExecutionPolicy -Scope Currentuser

If the output of all the elements is True, your Windows system is protected from the Meltdown vulnerability; if it shows False, your system is vulnerable to Meltdown.
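Added example (not from the original article or from Microsoft's module): a PowerShell helper that reads the object returned by Get-SpeculationControlSettings and reports the Meltdown status from its KVAShadow* properties, which are the fields covering CVE-2017-5754. The names Test-MeltdownProtection and New-Sample and the sample objects are constructed for illustration.

```powershell
# Added example. Test-MeltdownProtection and New-Sample are hypothetical helper
# names, not cmdlets shipped in the SpeculationControl module.
function Test-MeltdownProtection {
    param([Parameter(Mandatory)][psobject]$Settings)

    # Fail loudly if the object does not look like the module's output.
    $needed = 'KVAShadowRequired', 'KVAShadowWindowsSupportPresent',
              'KVAShadowWindowsSupportEnabled'
    foreach ($name in $needed) {
        if ($null -eq $Settings.PSObject.Properties[$name]) {
            throw "Property '$name' is missing from the settings object."
        }
    }

    if (-not $Settings.KVAShadowRequired) {
        $status = 'NotRequired'      # CPU reported as not needing the mitigation
    } elseif (-not $Settings.KVAShadowWindowsSupportPresent) {
        $status = 'PatchMissing'     # OS update carrying the mitigation not installed
    } elseif (-not $Settings.KVAShadowWindowsSupportEnabled) {
        $status = 'PatchDisabled'    # update installed, mitigation switched off
    } else {
        $status = 'Protected'
    }

    [pscustomobject]@{
        Status      = $status
        Vulnerable  = $status -in ('PatchMissing', 'PatchDisabled')
        PcidEnabled = [bool]$Settings.KVAShadowPcidEnabled  # performance optimisation only
    }
}

# Constructed sample objects (not captured from real hosts).
function New-Sample($Required, $Present, $Enabled, $Pcid) {
    [pscustomobject]@{
        KVAShadowRequired              = $Required
        KVAShadowWindowsSupportPresent = $Present
        KVAShadowWindowsSupportEnabled = $Enabled
        KVAShadowPcidEnabled           = $Pcid
    }
}
$samples = [ordered]@{
    'patched'        = New-Sample $true  $true  $true  $true
    'unpatched'      = New-Sample $true  $false $false $false
    'patch disabled' = New-Sample $true  $true  $false $false
    'cpu unaffected' = New-Sample $false $true  $false $false
}
foreach ($key in $samples.Keys) {
    $r = Test-MeltdownProtection -Settings $samples[$key]
    '{0,-15} {1,-13} Vulnerable={2}' -f $key, $r.Status, $r.Vulnerable
}
```

On a real host, after the Import-Module step above, call it as `Test-MeltdownProtection -Settings (Get-SpeculationControlSettings)`.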
