Working Spectre exploits for Windows and Linux devices uncovered

Spectre exploit can even bypass many top malware engines

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A security researcher has discovered several workingSpectre exploitsthat were uploaded to the VirusTotal database last month. Spectre, along with Meltdown, are two extremely severe hardware vulnerabilities that affectIntel, IBM POWER, and someARM-basedprocessors.

While Intel has since implemented hardware mitigations for the vulnerability in newer processors, older ones have to rely on software fixes that come with a performance penalty, which prevents its blanket use. This means that there’s still a large number of systems that are vulnerable to the recently discovered exploits by security researcher Julien Voisin.

“Someone was silly enough to upload a working spectre (CVE-2017-5753) exploit for Linux (there is also a Windows one with symbols that I didn’t look at) on VirusTotal last month,” wrote Voisin as he analysed both exploits in detail.

Working exploits

Working exploits

As perBleepingComputer’s reading of Voisin’s brief, it appears that on unpatched systems the exploits allow unprivileged users to read the contents of the file that stores user passwords in both Windows and Linux.

Voisin was able to successfully use the exploit on an unpatched machine running Fedora in his lab.

In anensuing discussion, it is revealed that the exploits were part of a larger package whose name seemed to suggest that it was part of the Canvas penetration testing tool. Interestingly, as BleepingComputer notes, Canvas has advertised that it has working Spectre exploits for Windows and Linux for over three years now.

At the time of Voisin’s original analyses both exploits had a nil detection rate. However, at the time of filing this report,twenty engineshave been taught to flag the exploits.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Spectre and Meltdown first raised concerns in 2018, when it was discovered in 2018 that all Intel CPUs produced in the last 20 years were vulnerable to the “catastrophic"Spectre and Meltdown vulnerabilities.

These hardware flaws enabled normal user programs, such as database applications and JavaScript in web browsers, to identify some of the layout or contents of protected kernel memory areas of the vulnerable chips.

Via:BleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

iStorage Group acquires Kanguru Solutions as it looks to expand security offering

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’