Hello, Friends. This is Patel Mubassir. Today I am going show you How to protect your PC against Meltdown and Spectre CPU vulnerability And How To Patch It. Before starting anything let’s take a quick review of What is Spectre and Meltdown vulnerability And How it can affect Computer.
What are Spectre and meltdown vulnerability
Meltdown and Spectre exploit critical vulnerabilities in modern processors. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents. for Technical Details.
Spectre and meltdown vulnerability Checker
Okay friends, Let’s check my processor is vulnerable to this spectre and meltdown vulnerability or not. Ohh… There is one script on GitHub which is able to find is our processor is vulnerable or not. Let’s clone that script from GitHub.
The easy way to run the script
- Get the latest version of the script using
curl -L https://meltdown.ovh -o spectre-meltdown-checker.sh wget https://meltdown.ovh -O spectre-meltdown-checker.sh
- Inspect the script. You never blindly run scripts you downloaded from the Internet, do you?
- When you’re ready, run the script as root
chmod +x spectre-meltdown-checker.sh sudo ./spectre-meltdown-checker.sh
Oh, As we can see in screenshot no.2 my processor is vulnerable to spectre vulnerability. Now, What?? Can someone able to hack exploit my machine. The answer is yes. But is not so easy as we think. Now, How to patch that vulnerability?
Affected systems by Spectre Vulnerability
Variant 1: bounds check bypass — CVE-2017-5753
Variant 2: branch target injection — CVE-2017-5715
- Can be exploited : Extract information from other running processes (ex: stealing login cookies from browsers).
- Processors: Intel, ARM, and AMD processors are all reportedly affected to some degree.
Read This: How to Find Exploit In terminal.
Rogue data cache load — CVE-2017-5754
- Exploited: Read the contents of private kernel memory from an unprivileged user process.
- Processors affected: All out-of-order Intel processors released since 1995 with the exception of Itanium and pre-2013 Atoms. A list of vulnerable ARM processors and mitigations is listed here.
- Note: No AMD processor affected by this vulnerability.
How to protect your PC against Meltdown and Spectre CPU vulnerability
Here’s a quick step-by-step checklist, followed by the full process.
- Update your operating system
- Check for firmware updates
- Update your browser
- Update other software
- Keep your antivirus active
Read This: Best Penetration testing Framework.