Mobile users who thought they were unaffected by the Meltdown flaw affecting Intel chips are suddenly not quite so secure. A second flaw, dubbed Spectre, has been discovered – and this time it affects ARM processors, as well as Intel and AMD chips. This means that all mobile devices that use ARM architecture (and that’s pretty much all of them) are now in danger of attack.
More specifically, Cortex A8, A9, A15, A17, A57, A72, A73 and A75 processors are affected by one or more of the three exploits described.
The popular A53 core is the only missing 64-bit CPU. All major ARM licensees that provide or use mobile chips (Samsung, Qualcomm, Mediatek, Huawei) have products build using these key components.
- Huawei's high end Kirin 970, used in the Mate 10 and Mate 10 Pro, uses the A73 core.
- The A57 can be found in the Samsung Exynos 7420 Octa, which in turn powered the Samsung Galaxy S6 series.
- The Qualcomm Snapdragon 650 MSM8956 processor is particularly popular in the mid range segment where it powered the Sony Xperia X.
- The iPhone 4S used the Cortex A9 in the Apple A5. The iPhone 4 and 3GS also used ARM-based chips that were vulnerable.
- Mediatek's Helio X20 powers a slew of top of the range smartphones from China (including the Xiaomi Redmi Pro)and uses Cortex A72 CPU to drive it.
The flaws were discovered by several teams, working independently. Meltdown was detected by researchers working for Google Project Zero, and was reported to Intel in June last year.
The vulnerability was then picked up by teams at Graz University of Technology and Cyberus Technology. Jann Horn’s team at Google Project Zero also identified Spectre first, but researchers from a variety of institutions also confirmed the flaw.
A blog post from the team at the Graz University sets out the difference between the two flaws. “Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory. Both attacks use side channels to obtain the information from the accessed memory location.”
Good and bad news
There’s good and bad news about Spectre: the, relatively, good news is that it’s a harder flaw to exploit, not something that’s likely to be exploited by the archetypal teenage hacker sitting in his bedroom, but it’s a weakness that could well be exploited by state security services and criminal gangs. However, the bad news is that there’s no known fix for the flaw. There are, however, no known attacks in the wild.
In a statement, Intel said it was working with ARM and AMD to address the flaw. ARM has put out a security briefing note, indicating which chips could have been affected by Spectre.
The company also advises its users to ensure that users are careful to follow good practice to stay as safe as possible. “It is important to note that this method is dependent on malware running locally which means it's imperative for users to practice good security hygiene by keeping their software up-to-date and avoid suspicious links or downloads,” said the company in its briefing note.