Spectre, on the other hand, gets its name from a procedure known as "speculative execution" that is supposed to help computers carry out actions in a non-linear fashion, improving the speed of execution.įor instance, if the program a user is running follows an 'if X, then Y' rule, then if a user chooses to perform X, the chip must then work on carrying out Y. In side-stepping these defences, Meltdown permits attackers or malware to access and pry on data they shouldn't be able to. Meltdown is so-called as it has the ability to "melt" the restrictions usually set in place at a chip's hardware level that should, in theory at least, protect sectors of the memory.
#Spectre meltdown code
Both include malicious code gaining access to data that is normally protected by the kernel. Spectre and Meltdown are the names given to the diverse variants of this same vulnerability.
By exploiting the kernel in different ways, Meltdown and Spectre have the potential to allow intruders to get access to data previously thought completely protected.
#Spectre meltdown windows
These entries don't do anything on systems where the hotfix is not yet installed, so they can be applied to all Windows systems without negative consequences.The kernel on a computer chip moves data around a chip's various sections of memory in response to what command a user is carrying out. meltdown::windowsĮnsures the registry entries are present that are needed to enable the Spectre & Meltdown hotfix after it is installed. meltdown::linuxĮnsures the prerequisite binutils package is present for properly detecting Spectre & Meltdown. Includes meltdown::linux or meltdown::windows, depending on the kernel. This module includes two manifests to aid in some prerequisites that you can manage with Puppet. During the next Puppet run, all connected agents will receive meltdown's fact definition and will send meltdown's fact back to the puppetmaster.
#Spectre meltdown install
To get information (fact) only, just install the module on the Puppetmaster (either manually or by adding it to Puppetfile). NOTE: this module is provided in the hope it will be useful, but does not guarantee correct or complete detection or remediation of Meltdown / Spectre.
Please refer to specific instructions for your vendors and consider patches carefully before applying.
#Spectre meltdown full
NOTE: full remediation also requires patching your hardware and/or virtualization platforms. All credits to the authors for these awesome functions. CVE-2019-1125 Spectre variant 1 variant - SWAPGSįor Windows, the module uses the SpeculationControl module for Powershell - see and the Get-WUInstall function from Michal Gajda - see.CVE-2019-11091 Microarchitectural Data Sampling Uncacheable Memory (MDSUM).CVE-2018-3639 Spectre Variant 4 (Speculative Store Bypass).CVE-2018-3620 Spectre Variant 'Foreshadow' (L1 Terminal Fault).CVE-2018-12130 Microarchitectural Load Port Data Sampling (MLPDS).CVE-2018-12127 Microarchitectural Fill Buffer Data Sampling (MFBDS).CVE-2018-12126 Microarchitectural Store Buffer Data Sampling (MSBDS).CVE-2017-5754 Spectre Variant 3 - also known as Meltdown (Rogue Data Cache Load).CVE-2017-5753 Spectre Variant 1 (Bounds Check Bypass).CVE-2017-5715 Spectre Variant 2 (Branch Target Injection).
On Windows, the module detects the following vulnerabilities (listed in alphabetical order):
0 kommentar(er)
