Meltdown Threat Update

January 31st, 2018 by admin

 

melt

1.    What is a Meltdown?

Let’s start with the basics:

Operating systems ensure that user applications cannot access each other’s memories and prevent user applications from reading or writing kernel memory. This isolation is a cornerstone of our computing environments and allows running multiple applications on personal devices or executing processes of multiple users on a single machine in the cloud.

Here comes the meltdown…

Meltdown allows overcoming memory isolation completely by providing a simple way for any user process to read the entire kernel memory of the machine it executes on, including all physical memory mapped in the kernel region. It works on all major operating systems by exploiting side-channel information available on most modern processors.
Processors these days use out of order execution. instead of waiting on 1 part of the processor to handle specific tasks, these tasks are anticipated and subsequent operations schedule to idle execution units of the processor.
From a security perspective, Out-of-order; vulnerable CPUs allow an unprivileged process to load data from a privileged
(kernel or physical) address into a temporary CPU register. As a result, an attacker can dump the entire kernel memory by reading privileged memory in an out-of-order execution stream, and transmit the data from this elusive state

                2. What Angani has done to protect its clients

On the knowledge of this threat, we your cloud partner had a debugging maintenance carried out 2 weeks ago. We did a threat assessment and found that VMs on PV were susceptible to the attack. We therefore carried a maintenance where we moved them over to HVM. This ensures that all the data flowing on our infrastructure is safe.
Kindly do take measures to ensure that the on premise hardware that you have is protected as well.

For more information on the Meltdown malware

 

Leave a Reply

Your email address will not be published. Required fields are marked *