It’s been a couple of weeks since details first emerged of both the Spectre and Meltdown bugs, and tech companies and users are still scrambling to brace themselves for the potentially disastrous security implications these vulnerabilities can bring.
Security company Fortinet has already found dozens of malware samples designed to take advantage of the PoC (Proof-of-Concept) code for both the Meltdown and Spectre flaws. Indeed, between January 7th and January 22nd of 2018 alone, the research team at AV-Test discovered 119 malware samples.
Upon further examination by Fortinet, it was determined that the large majority of these samples stemmed from the PoC code which security researchers had released to demonstrate the flaws in the processors. Don’t forget that these vulnerabilities aren’t anything new, and variants of these attacks have been theorised for about 20 years now.
Unfortunately, a great many devices are yet to be patched, for a plethora of reasons. Intel was recently forced to recall the Spectre variant 2 patch because it was causing systems to experience reboot errors.
Furthermore, other devices are subject to the whims of OEMs and whether they decide to release patches for older devices. Given the sheer number of devices which are several years old and in regular use, it’s safe to say that there’ll be a great number of computers in offices which are simply never patched.
The other problem – a great many users might decide that patching their system isn’t worth the performance hit. And of course, that’s down to the user. It’s been confirmed by Microsoft and Intel that older systems (pre-Broadwell or Skylake) certainly get hit harder than newer architectures in the performance stakes.
“Most appear to be recompiled/extended versions of the PoCs – interestingly, for various platforms like Windows, Linux and MacOS,” Andreas Marx, CEO of AV-Test, told Security Week. “We also found the first JavaScript PoC codes for web browsers like IE, Chrome or Firefox in our database now.”
The good news is that security experts believe the current malware is still in the ‘research phase’ and is likely still being tweaked to fully take advantage of systems and extract data from users.
According to Marx, other than updating your OS and BIOS, there are a few other tactics you can employ to reduce your vulnerability to attack. The first is switching off the computer if it’s not needed for periods of an hour or more, and the second is to close any open web browsers when you don’t need to use them.
Of course, the problem is that this isn’t very convenient for users at all, but until patches are available it might be the best option. Or the other simple solution – disable your internet connection – particularly for those with a desktop and a hard-wired Ethernet connection.