Meltdown


Posted: December 29, 2019

Meltdown is a vulnerability that could let an attacker access information in memory while bypassing security protocols. Meltdown affects processors, particularly Intel-brand models. Users can reduce the risk by installing relevant security patches for their OS, using modern processors, and letting anti-malware products remove threats related to Meltdown attacks.

Melting Down the Barriers Between Data Silently

In service to performance, some processors leap before they look, with unintended consequences for their security. Meltdown is one of the ways that threat actors could potentially take advantage of performance-improving techniques like memory mapping and turn them into a detriment to the associated processor. While Meltdown is, unlike Spectre, mostly specific to particular brands, it shares several points of note with its fellow vulnerability.

Like Spectre, Meltdown (CVE-2017-5754) can run in conjunction with side-channel attacks that bypass privileges, letting hackers automatically access information in memory. Such attacks could collect passwords and equally sensitive credentials. In Meltdown's case, the implementation exploits a CPU race condition to acquire data related to memory mapping. While Spectre affects nearly all processors, Meltdown is mostly a point of weakness for Intel hardware, along with a minority of IBM and ARM processors.

Despite the severity of Meltdown's theoretical abuse, there are no in-the-wild cases of Meltdown attacks or campaigns utilizing the vulnerability. On the other hand, there are no symptoms corresponding with such an attack either, which, in a sufficiently canny hacker's hands, may make it virtually invisible. Manufacturers are making ongoing efforts to mitigate Meltdown by modifying how processors handle memory, and software companies by issuing security patches specific to this vulnerability.

Covering All the Bases for a Microprocessor Meltdown

Defense against a possible Meltdown attack requires covering multiple angles. Replacing outdated processors with newer models – or switching to a brand that's not at risk from Meltdown – is appropriate for all users. However, like Spectre, the underlying methodology behind Meltdown exploits has no simple solution, and users shouldn't consider themselves 'immune' to an attack, even if they're using the very latest in hardware.

Software and operating systems in general may also have patches specifically for countering Meltdown. Examples include macOS 10.13.2, iOS 11.2, KPTI patches for Linux kernel 4.15, and a variety of fixes to Windows 10, 8.1, 7, and Server. While there are reports of a negative performance impact of up to thirty percent, most users report no or negligible side effects from these updates.
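To confirm that the Linux KPTI patch mentioned above is actually active on a host, the following added example (not part of the original article) classifies the kernel's own report. It assumes the mainline Linux interfaces /sys/devices/system/cpu/vulnerabilities/meltdown and the "bugs" and "flags" lines of /proc/cpuinfo, none of which are named on this page; the sample inputs are constructed.

```python
"""Classify a Linux host's Meltdown (CVE-2017-5754) mitigation state."""
from pathlib import Path
from typing import Optional

# Assumed mainline Linux reporting interfaces (not named in the article).
SYSFS = Path("/sys/devices/system/cpu/vulnerabilities/meltdown")
CPUINFO = Path("/proc/cpuinfo")


def cpuinfo_words(cpuinfo: str, field: str) -> set:
    """Return the space-separated values of the first `field` line in /proc/cpuinfo text."""
    for line in cpuinfo.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == field:
            return set(value.split())
    return set()


def assess(sysfs_status: Optional[str], cpuinfo: str) -> str:
    """Return 'not_affected', 'mitigated', 'vulnerable' or 'unknown'."""
    if sysfs_status is not None:
        status = sysfs_status.strip().lower()
        if status.startswith("not affected"):
            return "not_affected"
        if status.startswith("mitigation:"):
            return "mitigated"
        if status.startswith("vulnerable"):
            return "vulnerable"
        return "unknown"  # e.g. a hypervisor-dependent status string
    # No sysfs entry: the kernel predates this reporting interface, so only
    # positive evidence in /proc/cpuinfo is trusted.
    if "cpu_meltdown" in cpuinfo_words(cpuinfo, "bugs"):
        return "mitigated" if "pti" in cpuinfo_words(cpuinfo, "flags") else "vulnerable"
    return "unknown"  # an old kernel cannot report the bug; treat as unpatched


def read_text(path: Path) -> Optional[str]:
    """Read a file, returning None when it is absent or unreadable."""
    try:
        return path.read_text()
    except OSError:
        return None


# Constructed sample inputs (not captured from a real host).
SAMPLE_PATCHED = "flags\t\t: fpu vme pti\nbugs\t\t: cpu_meltdown spectre_v1\n"
SAMPLE_NO_PTI = "flags\t\t: fpu vme\nbugs\t\t: cpu_meltdown spectre_v1\n"
SAMPLE_OLD_KERNEL = "flags\t\t: fpu vme\n"

if __name__ == "__main__":
    print("this host:", assess(read_text(SYSFS), read_text(CPUINFO) or ""))
    print("sample without pti:", assess(None, SAMPLE_NO_PTI))
```

A result of "unknown" on a host with no sysfs entry means the kernel is too old to report on Meltdown at all, which is itself a reason to update it.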

Users should always have adequate anti-malware protection for eliminating threats that may arrive through attacks that begin with the exploitation of vulnerabilities like Meltdown. While there's no means of 'deleting' Meltdown, harmful programs that an attacker might deliver after gaining access through Meltdown can be contained and removed by conventional means.

Meltdown is such a severe oversight in security that, at first, researchers assumed that reports of its existence were erroneous or pranks. While it's mostly a proof-of-concept problem, there's no telling when a new day could transform it into a live – and perilous – threat in action.