Spectre and Meltdown Malware Samples Threatening CPU too could Explode

As the early samples of Spectre and Meltdown malicious programs start emerging, it's an indication that these central processing unit vulnerabilities should be avoided with patches deployed onto users' systems. Albeit a consequence of these patches is slackening of computers' speed, yet in the case of Linux, if not other OSes, it mayn't be too bad like originally thought.

Bleeping Computer reports of several malware samples that security researchers of late detected which are related to the freshly revealed vulnerabilities. For e.g. according to AV-Test, it has identified 139 such samples, an increase from 119 one week back. Pcgamer.com posted this, February 1, 2018.

It has been found that the Meltdown vulnerability namely CVE-2017-5754 impacts the CPUs of Intel computers whereas the Spectre vulnerability namely CVE-2017-5715 and CVE-2017-5753 affects any modern processor among which those from ARM, Advanced Micros Devices, and Intel are also included. An attacker exploiting the mentioned vulnerabilities can potentially intercept the system memory for privileged information.

Notably, the aggregate of latest malicious programs that security firms observe daily is pretty large than the total Spectre and Meltdown samples of malicious programs which AV-Test reported for the public. Fortinet the security company assessed one huge bunch of existing malicious programs having the characteristics of Spectre and Meltdown only to find that each of them was created for experiments.

Additionally, Fortinet made its anti-virus signatures up-to-date so that safeguards were ready vis-à-vis the malicious programs it assessed.

Further, VirusTotal too detected Spectre and Meltdown based malware samples. Additionally according to Mozilla, it's possible to remotely exploit Spectre by implanting malware inside JavaScript files placed onto websites.

A fundamental challenge experienced while fixing the Spectre and Meltdown security flaws is that it's extremely complicated to design a patch for fixing the exposed side-conduit problems.

At January-start Mozilla stated that the experiments it conducted substantiated that one could employ similar methodologies available on the Web for intercepting private data from one origin to another. Investigation was ongoing into the kind of assault in its entirety and the company was working with various browser vendors and security researchers for complete comprehension of the danger and its solutions.

» SPAMfighter News - 2/9/2018