A security researcher has discovered several working Spectre exploits (opens in new tab) that were uploaded to the VirusTotal database last month. Spectre, along with Meltdown, are two extremely severe hardware vulnerabilities that affect Intel, IBM POWER, and some ARM-based processors (opens in new tab).
While Intel has since implemented hardware mitigations for the vulnerability in newer processors, older ones have to rely on software fixes that come with a performance penalty, which prevents its blanket use. This means that there’s still a large number of systems that are vulnerable to the recently discovered exploits by security researcher Julien Voisin.
“Someone was silly enough to upload a working spectre (CVE-2017-5753) exploit for Linux (there is also a Windows one with symbols that I didn't look at) on VirusTotal last month,” wrote Voisin as he analysed both exploits in detail.
- Here are the best Windows 10 deals (opens in new tab)
- These are the best Windows 10 VPN services (opens in new tab)
- And here are the best Linux distros (opens in new tab)
As per BleepingComputer’s reading of Voisin’s brief, it appears that on unpatched systems the exploits allow unprivileged users to read the contents of the file that stores user passwords in both Windows and Linux.
Voisin was able to successfully use the exploit on an unpatched machine running Fedora in his lab.
In an ensuing discussion (opens in new tab), it is revealed that the exploits were part of a larger package whose name seemed to suggest that it was part of the Canvas penetration testing tool. Interestingly, as BleepingComputer notes, Canvas has advertised that it has working Spectre exploits for Windows and Linux for over three years now.
At the time of Voisin’s original analyses both exploits had a nil detection rate. However, at the time of filing this report, twenty engines (opens in new tab) have been taught to flag the exploits.
Spectre and Meltdown first raised concerns in 2018, when it was discovered in 2018 that all Intel CPUs produced in the last 20 years were vulnerable to the "catastrophic" Spectre and Meltdown vulnerabilities.
- We've also highlighted the best antivirus (opens in new tab)
Via: BleepingComputer (opens in new tab)