Between the Blueborne vulnerabilities and the High Sierra Mac flaw – we saw some nasty bugs in 2017. Now, 2018 has already introduced us to some powerful new exploits: Meltdown and Spectre. These are cyber-attack techniques that seek to exploit operating system technologies that normally function safely, as designed, but researchers have cleverly identified a way to use these benign technologies for malicious purposes. They basically manipulate the protections that separate applications from operating systems, as well as applications from other applications running on the same computer. They also affect a wide range of devices that we use in our daily lives, including both PCs and phones.
So, how exactly could Meltdown and Spectre have such an impact? First, let’s back up and explore the role they play in operating systems. Most modern operating systems perform speculative execution, and even execute instructions before it is certain that those instructions need to be executed. This makes it possible for one process to infer that some data belongs to another process.
As McAfee CTO Steve Grobman views it, we should think of these vulnerabilities in the sense of modern banking — we rely on banks to perform operations on our behalf, and when we request that a payment is made, our banks will move things around behind the scenes to ensure successful transactions we couldn’t execute as individuals. Just like with banking, we rely on these operating systems to perform services on our behalf, which often involves important data.
Now, what’s dangerous about Meltdown and Spectre is that these attacks can “melt” the barriers between unprivileged applications and the privileged operating system. Essentially, this means pulling back the curtains on all the behind-the-scenes data involved in these services. This allows attackers that leverage Meltdown and Spectre to potentially steal passwords, financial data or information from other applications. What’s more – cybercriminals are attempting to leverage these exploits in other ways too, as a fake patch is currently being circulated that is actually a front for a malware called Smoke Loader.
So, the next question is – how do you ensure your devices and data are protected from these exploits? You can start by following these tips:
- Turn on auto-update. Make sure Windows auto-update is turned on as a best practice, and that you’re connected to the internet so that McAfee auto-update can work too. If Windows auto-update is turned on, there’s nothing else you need to do. But if you manually update Windows, it will succeed no later than Tuesday once McAfee’s auto-update occurs.
- Update everything immediately. Beyond applying any updates received from Windows, it’s crucial you update everything else too. That way, you can apply any patch you receive from all PC, phone, and mobile app providers that have been affected.
- Go straight to the source. The phony patch carrying Smoke Loader comes from a fake website claiming to be part of the German Federal Office for Information Security. So, in order to avoid this fake patch and others like it, always be sure to only go straight to source – meaning, go directly to the site of your provider.
- Lock down your devices with comprehensive security. McAfee products are not affected by this vulnerability nor the Windows changes that address it. Therefore, after you’ve updated your devices with the latest software, be sure to install comprehensive security. A solution like McAfee LiveSafe can ensure your devices are protected from cybercriminals wishing to leverage this vulnerability in order to steal your personal data.
And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.