Meltdown and Spectre Attack-Intel-AMD | HTML-POINT

Meltdown and Spectre Attack-Intel-AMD

Spectre and meltdown this vulnerability  have already stated major organisations in the world right in the first week of 2018 targeting the CPU architecture of Intel AMD and ARM that is your mobile processes this is not any other vulnerability that will only affect certain systems it rather effects mostly all the computers and mobile devices and has existed since many years in this article I am going to show you how you can check whether your Windows system is vulnerability  and how you can fix it

Let’s try to understand what is Spectre and meltdown our CPU used work in an interesting way by speculating the calculations in advance to speed up its performance at the store by carrying out the processing you might need in future based on your usage now we being human’s over usage patterns change and does it turns out that sometimes the CPU will have unnecessary data that is precomputed that data is thrown in a different number is Section and it might contain some sensitive information which should not be accessible, security resources from Google’s project zero last year exploited this very behaviour of cpus they found that this memory were all these term was store is not security lock down and thus attackers can read any sensitive information like your Password encryption key etc

In fact it was also observed that an attack running on one Virtual Machine was able to access the physical memory of the host machine and true that give read access to the memory of a different virtual machine on the same host so how can you protect your device is against this

vulnerability , you are expected to keep an eye on firmware updates from your CPU manufacturer beat Intel or AMD and updated along with that several OS when does like Microsoft and Apple are pushing out security updates for the same to don’t schedule them for later and instead updated as soon as possible to check if your Windows system is vulnerability Spectre and meltdown, Microsoft has released the powershell module to do

so let’s open the powershell and run it as an Admin

install-module speculationcontrol

set-executionpolicy bypass

Get-speculationcontrolsettings

then execute the commands again if you see most of the fields falls in read that means your CPU and operating system are vulnerability, Microsoft has already released the patch for this and in case you don’t see this particular update your antivirus might be the culprit since it is expected to make some registry changes first Microsoft has already instructed antivirus companies to comply and skip your Antivirus update it to once your Windows is updated you can verify by below command

Get-speculationcontrolsettings

you need is a firmware update from your CPU manufacturer beat Intel or AMD once everything is best all the fields here will be in green and you will finally be secure.you are done don’t forget to reset your powershell execution policy by typing

set-exectingpolicy restricted

please note Intel has said that it will push out the updates for all its CPU models that were manufactured in last 5 years so if you are CPU is older you might want to consider updating it for your mobile device is running on Android Google has already update to make sure you have the december security patch level install even.

Article references:
1. Google Security Blog:
https://security.googleblog.com/2018/…

2. Intel:
https://newsroom.intel.com/news-relea…

3. AMD:
https://community.amd.com/thread/224276

4. Microsoft:
https://support.microsoft.com/en-us/h…

5. Apple:
https://support.apple.com/en-us/HT208394

 

 

VMWARE L2 INTERVIEW QUESTION 

Related Articles

Leave a Reply

Be the First to Comment!

Notify of
avatar