While it was known that Intel chips were affected by a serious kernel memory leak bug on modern computers running Windows, Linux, and macOS, the exact problem and its explanation remained a mystery. Windows and Linux have already started pushing updates that will fix the issue, and we now know what the flaws are: they have been named ‘Meltdown’ and ‘Spectre’.
Meltdown was independently discovered by three groups: researchers from the Technical University of Graz in Austria, German security firm Cerberus Security, and Google’s Project Zero. ‘Spectre’, on the other hand, was found by Project Zero and independent researcher Paul Kocher.
These bugs allow programs to steal data that is currently being processed on the computer. Programs are normally not allowed to read data from other programs, but malicious software can exploit Meltdown and Spectre to gain access to passwords, browser data, your personal photos, emails, instant messages, etc. stored in the memory of other running programs. These bugs can work on personal computers and mobile devices, and can even be used to steal data in the cloud.
The ‘Meltdown’ attack allows a program to access memory and thereby gain access to secrets. Spectre, on the other hand, allows an attacker to trick error-free programs that follow best practices into leaking sensitive information. Google’s Project Zero researchers mentioned in a blog post that execution of the attack is “difficult and limited” on the majority of Android devices, and the company has already rolled out additional protection in the January security update. Though Apple did not publicly comment, security researcher Alex Ionescu says that the macOS 10.13.2 update will address the issue.
"The question on everyone's minds: Does MacOS fix the Intel #KPTI Issue? Why yes, yes it does. Say hello to the "Double Map" since 10.13.2 -- and with some surprises in 10.13.3 (under Developer NDA so can't talk/show you). cc @i0n1c @s1guza @patrickwardle pic.twitter.com/S1YJ9tMS63" - Alex Ionescu (@aionescu), January 3, 2018
Microsoft said in a blog post:
The majority of Azure infrastructure has already been updated to address this vulnerability. Some aspects of Azure are still being updated and require a reboot of customer VMs for the security update to take effect. Many of you have received notification in recent weeks of a planned maintenance on Azure and have already rebooted your VMs to apply the fix, and no further action by you is required. Azure customers should not see a noticeable performance impact with this update. We’ve worked to optimize the CPU and disk I/O path and are not seeing noticeable performance impact after the fix has been applied.