Last week, near-panic ensued as the world learned of Meltdown and Spectre, the latest in a steady stream of cyber attacks.
Meltdown and Spectre exploit vulnerabilities in processors that employ a type of performance optimization known as speculative execution. In these attacks, speculatively executed instructions on incorrectly predicted code paths create observable changes in a micro-architecture’s state. These observable changes enable attackers to infer information about a processor’s activity and exfiltrate sensitive data such as decryption keys. Processor manufacturers can and will fix these issues, but it will take years to get billions of new processors into the market.
In the meantime, operating system vendors like Apple, Microsoft, and the open source Linux teams are releasing software updates to address these vulnerabilities that will come at a performance cost—in some cases as great as 30%.
While the processor manufacturers must fix their hardware, they are not equipped to protect against the many software vulnerabilities that exist in the software running on their products. Attacks that target software are a chronic issue with far-reaching impact and often disastrous consequences. The recent Equifax breach, for example, personally impacted nearly half of the US population.
Dover’s CoreGuard solution is specifically designed to address these types of attacks. Using a proprietary hybrid approach, CoreGuard uses hardware to enforce software-defined, updatable policies that defend processors from attacks that prey on software vulnerabilities. Currently, the only available mitigations to the recent attacks are being delivered in software. Like all other software, these updates come with bugs that can be exploited by determined attackers.
Dover’s CoreGuard solution eliminates the risk of vulnerable software—including the software being deployed in response to the Meltdown and Spectre attacks.
While the news of the Meltdown and Spectre attacks is unfortunate, it only reaffirms the urgency and relevance of Dover’s mission to deliver trusted solutions that bring security, safety, and privacy to our computing systems.
For more information about Meltdown & Spectre and to further understand Dover's response, please follow up with us below.