Minimize your digital risk by detecting data loss, securing your online brand, and reducing your attack surface.
A powerful, easy-to-use search engine that combines structured technical data with content from the open, deep, and dark web.
Digital Risk Protection
Read our new practical guide to reducing digital risk.
New report recognizes Digital Shadows for strongest current offering, strategy, and market presence of 14 vendors profiled
Read Full Report
On Wednesday, rumors surfaced that there were vulnerabilities in the majority of microprocessors, which would allow attackers to access system memory information held in the kernel, the most privileged area of modern operating systems. The kernel manages processes including starting and ending user programs, security settings, memory handling, and controlling hardware such as memory and network drives.
Later in the day the security community rallied together to produce a barrage of research on two different attacks that took advantage of these flaws: enter Meltdown and Spectre.
With so much overlapping commentary, and further details likely to be released, it’s hard to make sense of exactly what’s going on and what systems are at risk. Here’s what we know – and do not yet know – so far. The Digital Shadows Intelligence team conducted this analysis by:
Spectre proof of concept exploit tested on an Ubuntu 16.04 VM by Digital Shadows
Meltdown and Spectre exploit advertised for sale by the Shadow Brokers
A host of companies have come out and released advisories for their affected products. We have provided a list of these and their relevant websites below:
Patching and rebooting should therefore be a priority requirement for all organizations and home users. Despite this, there are a few things to bear in mind:
These patches are only preliminary measures though, and there will probably be future updates released to combat the performance problems caused by these fixes.
What we can be certain of is that this issue will run on for a considerable length of time. Digital Shadows will continue to post updates on both Meltdown and Spectre as and when new information becomes available. Happy New Year!