Just when you thought it was done, it returns again: a spectre in the corner of your eye.
Researchers have discovered 139 malware samples designed to take advantage of the Spectre and Meltdown microprocessor exploits, revealed to the public in the first weeks of this year. So far, the samples discovered appear to be in their infancy—proof-of-concept codes that are not yet functional. Researchers express dismay however, as the obvious intention is to discover and utilize a functional exploit. This could spell disaster for enterprises and users around the world.
Spectre and Meltdown patches, however, have encountered their own host of issues. Intel, one of the largest microprocessor manufacturers, had to ask users to stop deploying their patches due to complaints of blue screen of death issues and unacceptable slowdowns of up to 25%. There has also been some controversy about the manner of their announcement, especially concerning when the public was informed and allegations of insider trading.
Spectre and Meltdown allow hackers to exploit the natural speculative execution functions of microprocessors to access vital stored data, including passwords. Because nearly every endpoint and server uses a microprocessor, this renders virtually every system vulnerable to significant data breaches.
Until recently, there was no evidence of a Spectre and Meltdown exploit in the wild. However with each passing day, the possibility of such a hack increases. Some researchers are convinced that, because these are inherent hardware flaws, the only true solution is a complete hardware replacement; this would constitute an unimaginable expense both for the manufacturers and the users.
Latest posts by Ben Canner (see all)
- Top Ten LinkedIn Groups for SIEM and Security Analytics Professionals - October 18, 2018
- New Deloitte Poll Suggests Incident Response Plan Ignorance - October 16, 2018
- Solutions Review Releases SIEM Vendor Map To Assist Enterprise Decision-Makers - October 15, 2018