As estimated by a Panda Security report, Spectre and Meltdown are bound to make their scaring appearance again in 2019, and this time it will be even harder to deal with them. Estimates, however, have little value in the world of cyber-security, so the researchers also cite a recent study that was published by a team of academics. This study unveils the discovery of another seven variations of Spectre and Meltdown that are already rendering attackers perfectly capable of overriding the security patches that everyone rolled out in the start of the year to plug the discovered vulnerabilities.
Spectre and Meltdown shook the world of IT in the start of 2018 when people discovered how dangerous it is to be subjected to attacks that are taking advantage of a vulnerability in our systems’ hearts, the processors. More specifically, the two security vulnerabilities allow a rogue process to seamlessly read all memory without the need for any type of authorization. Now the problem is that this vulnerability is to be found in all CPUs made by Intel, AMD, and even ARM processors, so no matter whether you are using Windows, Mac, Linux, Android, or iOS, the Spectre and Meltdown vulnerabilities are there. This is indicative of the need to update and patch all devices, even embedded systems that have lesser usability potential.
Now, the worrying part is that attackers have known about these vulnerabilities for almost a year now, and they have been busy developing different approaches that bypass the security measures put in place by the software patches. We already see quite a few implementations taking this route, with the potential exploitation field getting broader and more extensive due to the numerous attack iterations, leading to an overwhelming situation for security solutions.
In addition to that, Panda Security believes that new vulnerabilities similar to Spectre and Meltdown will be discovered in 2019, as this is only a matter of focusing on this type of investigation. The researchers believe that in the past, people simply didn’t pay much attention to CPU vulnerabilities, so the associated risks were not wholly or precisely appreciated.
Now that we have realized the seriousness of having microprocessor vulnerabilities, more research is going to get into this field, and more vulnerabilities of this type are expected to surface as a result. Panda suggests that users should treat updates as an obligation, and also to use advanced cybersecurity solutions that are capable of constantly monitoring what is going on inside a system. Hopefully, this will get us through 2019 unscratched.
How are you planning to protect yourself again attackers who aim to take advantage of Spectre and Meltdown vulnerabilities? Let us know in the comments below, and also visit our socials on Facebook and Twitter to see what else is on in the tech world.