Protect your Windows PC against Meldown and Spectre

in security •  2 years ago  (edited)

Meltdown (CVE-2017-5754)


Meltdown breaks the fundamental isolation between user applications and the operating system.

Spectre (CVE-2017-5753 and CVE-2017-5715)


Spectre breaks the isolation between different applications.

An attacker can use both vulnerabilities for stealing passworts and sensitive data. More information can be found at https://meltdownattack.com/.

How to check if your pc is vulnerable

Visit the official microsoft site for more information https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in.

Open powershell as admin

Open the start-menu and write powershell. Right click and select “Run as Administrator”. Click yes on the dialog for running as admin.

Install the PowerShell Module

Typ the following into the powershell.

 Install-Module SpeculationControl

Press two times 'y' for installing the module.

Run the PowerShell module to validate the protections are enabled

Enter the following commands (You can also copy the commands from the official microsoft site)

$SaveExecutionPolicy = Get-ExecutionPolicy
Set-ExecutionPolicy RemoteSigned -Scope Currentuser

Press 'y' for changing the Execution Policy

Import-Module SpeculationControl
Get-SpeculationControlSettings

After this enter

Set-ExecutionPolicy $SaveExecutionPolicy -Scope Currentuser

Press 'y' for changing the Execution Policy to the original state

Your are protected against meldown and spectre when you seeing only green-colored True's.
If you have an old motherboard as i have and not getting any bios or firmware upgrade, then it will look like this:

This means that i am protected against meltdown but not against spectre.

You can see Spectre in action using this small program from github https://github.com/stephanvandekerkhof/cpp-spectre-meltdown-vulnerability-windows-test
Download spectre-meltdown-vulnerability-windows-test.exe and excecute it:
If you see the following output (as i see on my PC)

then your are vulnerable against Spectre.

This program creates a variable

char *secret = "MELTDOWN/SPECTRE-POC by Stephan of EHVSN";

and uses Spectre to read its content.

What to do, if you are not protected against Spectre (like me)

  • Update your Browser and maybe use chrome.
  • If you are using chrome, activate Strict site isolation by entering
chrome://flags/#enable-site-per-process

into the address bar.

  • Activate Strict site isolation and restart chrome. If it is activated, it should now look like this:

  • Chrome tries to prevent attacks with javascripts, as you can read here: https://sites.google.com/a/chromium.org/dev/Home/chromium-security/ssca

  • Buy a new PC (?) as your old one will most likely not get any new BIOS upgrade. The last update for my BIOS was 2015. But lets hope and wait.

Do you have also some usefull tips for windows user which are vulnerable against Spectre? Please let me know!

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!