Intel Releases Spectre Patches
Most people read or at least heard about about the Spectre and Meltdown vulnerabilities in processors. Google’s Project Zero announced these exploits on January 3rd that affect almost all processors in circulation. The weaknesses take advantage of the way processors speed up data processing and are present in most processors. Thankfully, Intel just started pushing out patches for these and the fix is actually stable.
Here’s everything you need to know about what Spectre is, why you need to prepare for it, and what steps you can take to protect yourself.
So what’s the big deal with Spectre?
Although you may have heard of Spectre and Meltdown, you may not know why they are a problem. The biggest issues are with Spectre, which unfortunately was harder to patch. The exploit allows attackers to see private data in the processor by observing what the processor is doing.
Attacks using Spectre could trick things like web browsers into revealing passwords typed into them or provide details on how secure programs function. To make matters worse, security experts were unsure if processor patches could fix the issues due to the complexity of Spectre. Because of this, people thought replacing the processors was the only real solution.
So do I need to replace all my computers, phones, and tablets?
Thankfully, as the title of this article suggests, Intel is releasing microcode patches to the processors to resolve this issue. As of February 26th, Intel verified patches for processors from the 4th Gen – 8th Gen, with many more in testing stages. Most of their newer processors are ready to update and fixes for older units are on the way.
In addition, ARM (manufacturer of chips for most phones and tablets) is putting out updates as well. AMD is also planning microcode updates that should be out soon for their processors. And many software developers have already released patches to at least mitigate the exploit.
The systems that will have problems are older Apple and Android devices that no longer receive updates. Because the device manufacturers need to deploy the updates, many of these devices won’t receive patches. Additionally many IoT devices like Smart TV’s rarely receive updates and may never see fixes.
Then what do I need to do on my systems?
First of all, on any systems that you can update, do the updates often. This goes especially for Windows, OSx, Android, and iOS updates. These vendors already have patches out to help mitigate Spectre and will be the ones to get you the processor patches as well.
It is also important to make sure your software and apps are up to date. This goes especially for browsers, as they are a primary attack vector for Spectre. Many browsers and software receive updates monthly, so it is wise to check them frequently. If you have software that hasn’t updated in years, it may be wise to consider removing it.
All of this is important to check on your phones as well. Many older phones no longer receive updates, and it may be time to upgrade to something newer that does. You should use extreme caution on devices that can’t get Spectre patches, as attackers could steal things like login information if they gain access.
Are any attackers currently using Spectre?
So far, it remains fairly unclear. While AV-TEST’s database has found over 100 samples exploiting Spectre, none of the samples actually ran bad code. Some of these samples may be beta tests by attackers, but most of the samples are just testing the water for now.
However, this does not mean attackers are not using it, and it does not mean attackers are not researching how to use it. While Spectre is tricky to use and requires skill, many attackers are quite talented and enjoy challenges. It is fairly safe to assume that attackers are researching how to use Spectre effectively for some ill use.
All of this makes it urgent that your patch your systems and software as soon as possible.
So what are the next steps?
The OEM’s and OS providers will be distributing the microcode patches to everyone. This means look for Windows Update on Windows systems, Software Update on Mac and iOS, and System Update on Android. These are your main sources for the Intel and Arm fixes for Spectre.
There isn’t a specific time frame for the updates yet, but it is likely that we will see some in March. Partly this depends on your processor, and partly this depends on your system. Many Android phones do not get security updates until a month or more after release, so it is important to stay on top of updates for the foreseeable future.
(Update 3/7/18) Microsoft is already sending updates to some customers on the latest Windows 10 and Windows Server builds for select processors. As they continue to test, they will make more available.
Keep in mind that regular updating is also a good habit to have, as updates generally include other security fixes.
I need some help.
If you need assistance checking if your systems are up to date, Haider Consulting is happy to help. Our Vulnerability Assessments can check for open exploits like Spectre so that we can help you better secure your network. These assessments are especially helpful if you have many systems that you need to check on.
Please also feel free to Contact Us if you have any questions on Spectre. Albuquerque is not immune to the reaches of this attack and your business needs to prepare. Remember in the coming months to update all your devices, including phones tablets, and computers. And some devices like Smart TVs and networked security cameras may be better to take off your network or isolate.
Being proactive is your key to Spectre mitigation, and Astria is ready to prepare your business.