Lightboard Lessons: Explaining the Spectre and Meltdown Vulnerabilities
The "Spectre" and "Meltdown" vulnerabilities affect almost every computer in the world. One of the very interesting things about each of these vulnerabilities is that they target the hardware (processor) of the computer rather than the software. Intel is the leading computer processor manufacturer in the world, and most Intel processors are vulnerable to both Spectre and Meltdown. Other manufacturers' computer processors are vulnerable as well. These vulnerabilities can allow an attacker to view the entire contents of the memory on a victim's computer. Because so much sensitive data is stored in memory (passwords, personal information, etc), these attacks can be devestating. Watch the video below to learn more about Spectre and Meltdown and how they work.
March 21, 2018 UPDATE
F5 has released BIG-IP v12.1.3.3 and v13.1.0.4. These versions include fixes for the SPECTRE variant 1 (CVE-2017-5753) and MELTDOWN (CVE-2017-5754) vulnerabilities.
The official documentation of these vulnerabilities and details on fixed versions is available from https://support.f5.com/csp/article/K91229003.
Related Resources:
- ltwagnonRet. Employee
F5_Digger, great question! As you noted, Spectre variant 1 and Meltdown are addressed in the 12.1.3.3 update. I believe Spectre variant 2 requires an update from chip providers, so we will continue to follow this one closely and provide updates on the KB article listed above. Thanks!
Hi John
Thank you
- ltwagnonRet. Employee
hi zack. great question! because the Spectre and Meltdown vulnerabilities are targeted at the hardware (processor) of a computer, I don't think any ASM signatures will be effective for these. The ASM signatures will catch Layer 7 network requests and block malicious content from a client accessing a web application. The Spectre and Meltdown vulnerabilities happen outside the realm of the traditional network layers. That said, there are some browser JavaScript issues related to these vulnerabilities, and one of F5 security experts (Nir Zigler) just posted a good article about how ASM can help mitigate some of those issues. Here's the article: https://devcentral.f5.com/s/articles/meltdown-and-spectre-web-application-risk-management-29356
 
If you are concerned about these vulnerabilities on the BIG-IP hardware platform, you can reference K91229003: Side-channel processor vulnerabilities CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754
 
Hope this helps!
 
- zackAltostratus
Thanks for the great and in time update!!!
John, a quick question, just curious about whether ASM can have any signature released to help detect/block Spectre and Meltdown?
- FulmetalNimbostratus
Simply and clearly explained ... Thanks very much John ! Impact on clouds environnements can be very sad ! Isn't it ! And even on mobile phones where we could have some leak of my bank apps from my funny and unprotected bullets game ( that i use on the metro to have fun ...)
!