熔断漏洞和幽灵漏洞

Until this week, Spectre was just the fictitious name of a secret organisation bent on world domination in a James Bond movie. Today, it is something far more real, though equally as sinister –a design flaw in Intel microprocessors that leaves any data in their memory vulnerable to malicious exploitation.

在本周之前，Spectre只是一个假想组织的虚构名称，该组织在詹姆斯·邦德(James Bond)的电影中专心于世界统治。 如今，它已经变得更加真实，尽管同样令人险恶-英特尔微处理器中的设计缺陷，使内存中的任何数据容易受到恶意利用。

Intel’s flaw means that applications, malware and JavaScript that run in web browsers can access the contents of your operating system’s private memory areas and steal your credentials and personal information. What’s more, on shared systems, such as a public cloud server, there’s a possibility for some software to use the machine’s physical memory as a way to access data stored on other customers’ virtual machines.

英特尔的缺陷意味着，在Web浏览器中运行的应用程序，恶意软件和JavaScript可以访问操作系统的私有内存区域的内容，并窃取您的凭据和个人信息。 而且，在共享系统(例如公共云服务器)上，某些软件可能会使用计算机的物理内存作为访问存储在其他客户虚拟机上的数据的方式。

Unfortunately, Intel is not the only CPU at risk here. So are processors from Arm and AMD. AMD admits its CPUs are vulnerable in ‘some situations’ whereas Arm has published a list of affected cores, most of which are in mobile devices.

不幸的是，英特尔并不是唯一面临风险的CPU。 Arm和AMD的处理器也是如此。 AMD承认其CPU在“某些情况下”易受攻击，而Arm已发布了受影响的内核列表，其中大多数在移动设备中。

The cause of the vulnerability is due to the way modern, high-speed CPUs work. In order to operate faster, these chips attempt to guess which instructions they will be given next. In doing this, they fetch the data necessary to carry these instructions out. This data is known as speculative code. If the CPU makes the wrong guess, it has to remove the speculative code and call the code which is actually required instead.

造成此漏洞的原因是现代高速CPU的工作方式。 为了更快地运行，这些芯片试图猜测下一步将给出哪些指令。 为此，他们获取执行这些指令所需的数据。 此数据称为推测代码。 如果CPU做出错误的猜测，则必须删除推测性代码，然后调用实际需要的代码。

Unfortunately, one of the issues with these chips is that they do not completely remove the remnants of speculative code, and so parts of it remain stored in temporary caches where it can be accessed at a later time. The problem here is that cleverly coded malware can make it possible to discover that information from the contents of the CPU’s kernel memory.

不幸的是，这些芯片的问题之一是它们不能完全消除推测性代码的残余，因此部分代码仍存储在临时缓存中，以便以后可以访问。 这里的问题是，经过巧妙编码的恶意软件可以从CPU内核内存的内容中发现该信息。

It has now been discovered that there are two main vulnerabilities around the exploitation of speculative code in modern CPUs – these have been named as Meltdown and Spectre.

现已发现，在现代CPU中，利用推测性代码存在两个主要漏洞–分别称为Meltdown和Spectre。

Meltdown

崩溃

Meltdown can be employed by normal computer applications to read the contents of private kernel memory. The vulnerability has an enormous reach, potentially affecting all ‘out-of-order execution’ Intel processors that have been manufactured since 1995, with the exception of Itanium and Atom (built before 2013).

普通计算机应用程序可以使用Meltdown读取专用内核内存的内容。 该漏洞的影响范围很广，可能会影响自1995年以来制造的所有“乱序执行”英特尔处理器，但Itanium和Atom(2013年之前制造)除外。

If you have these chips installed, there are now temporary workaround patches available for Apple, Windows and Linux. You should update your operating system without delay. The patches work by moving the operating system kernel to a separate virtual memory. Although this improves security, those with high processing demands may notice an effect on performance, depending on the CPU model and the software being run.

如果安装了这些芯片，则现在有适用于Apple，Windows和Linux的临时解决方法补丁程序。 您应该立即更新操作系统。 这些修补程序通过将操作系统内核移动到单独的虚拟内存来工作。 尽管这可以提高安全性，但是处理要求较高的用户可能会注意到性能的影响，具体取决于所运行的CPU型号和软件。

Whilst Meltdown does not affect AMD processors, users of other brands besides Intel may be affected.

尽管Meltdown不会影响AMD处理器，但除英特尔外其他品牌的用户都可能受到影响。

Important note for Windows users

Windows用户重要说明

Microsoft has released a patch to block the Meltdown vulnerability. However, before installing, users and administrators should check that their antivirus software is compatible with the patch. Failure to do so could result in the blue screen of death. This is because the antivirus package needs to update a registry key before installation can occur. For this reason, Microsoft has set the update to apply only when the registry key has been changed.

Microsoft已发布了一个补丁，以阻止Meltdown漏洞。 但是，在安装之前，用户和管理员应检查其防病毒软件是否与该修补程序兼容。 否则可能会导致蓝屏死亡。 这是因为防病毒软件包需要先更新注册表项，然后才能进行安装。 因此，Microsoft已将更新设置为仅在注册表项已更改时才应用。

Spectre

幽灵

Spectre enables user-mode applications to extract data from their own processes and others being run on the same system, for example, it could extract all the login cookies stored in a browser’s memory. One of the problems with Spectre is that it is a difficult vulnerability to patch – at present, there are no solid fixes available for either Intel or AMD CPUs. Luckily, the vulnerability is equally as challenging to exploit.

Spectre使用户模式应用程序可以从自己的进程以及在同一系统上运行的其他进程中提取数据，例如，它可以提取存储在浏览器内存中的所有登录cookie。 Spectre的问题之一是，这是一个很难修补的漏洞–目前，没有针对Intel或AMD CPU的可靠修复程序。 幸运的是，利用此漏洞同样具有挑战性。

With regard to protecting yourself against a Spectre attack, the advice at present is to:

为了保护自己免受Spectre攻击，目前的建议是：

• install any operating system and firmware security updates as soon as possible尽快安装任何操作系统和固件安全更新
• do not run any untrusted code不要运行任何不受信任的代码
• consider turning on Chrome’s site isolation to prevent malicious websites from attempting to steal session cookies考虑开启Chrome的网站隔离功能，以防止恶意网站尝试窃取会话Cookie
• Xen hypervisor users should install security patches when they are available.Xen虚拟机管理程序用户应在可用时安装安全补丁。
• VMware’s ESXi, Workstation and Fusion hypervisors also need patchingVMware的ESXi，Workstation和Fusion虚拟机管理程序也需要打补丁

Information for eUKhost Customers

给eUKhost客户的信息

Staff at eUKhost are keeping fully up-to-date with developments regarding Spectre and Meltdown. As part of our managed services, we are installing patches as soon as they become available from vendors and open source maintainers, just as we do with all other security issues. As you would expect, we have a highly vigilant monitoring system in operation together with a range of other effective security measures.

eUKhost的工作人员正在全面了解Spectre和Meltdown的最新动态。 作为我们托管服务的一部分，我们将在可从供应商和开源维护者处获得修补程序后立即安装修补程序，就像处理所有其他安全问题一样。 如您所料，我们在运行中具有高度警惕的监控系统以及一系列其他有效的安全措施。

The patches currently being released are a temporary workaround until Intel and the other processor manufacturers find a permanent solution. This is expected within the next week.

当前发布的补丁只是暂时的解决方法，直到英特尔和其他处理器制造商找到永久解决方案为止。 预计在下一周内。

If you are an eUKhost customer and are concerned about the security of your system, please contact our 24/7 customer support team.

如果您是eUKhost客户，并担心系统的安全性，请联系我们的24/7客户支持团队。

翻译自: https://www.eukhost.com/blog/webhosting/meltdown-and-spectre-new-intel-cpu-vulnerabilities-discovered/

熔断漏洞和幽灵漏洞