Last week researchers at Graz University responsibly disclosed two major computer processor flaws, named Meltdown and Spectre, that could affect billions of devices using the chip.

Spectre and Meltdown: the facts

The critical security exploits, that have been around since the early ‘90s, are said to be CPU vulnerabilities that allow malicious actors to access any confidential information being run on the same central processing unit.

While programs are typically not permitted to read data from other programs, a malicious actor can get hold of information stored in the memory of other running programs. This might include passwords stored in a password manager or browser, personal photos, emails, instant messages and even sensitive corporate data. There are some PoCs from the research team in Graz, meaning they’ve proved conceptually how the vulnerability could be exploited, but no malware has been found in the wild as of yet.

Vendors have known about these vulnerabilities since December, but as with any responsible disclosure, there has been an embargo on the information to give the company the chance to fix the exploit before going public. Nevertheless, due to the size and potential impact of the breach, the embargo started to leak so the flaw was made public last week.

How does it affect mobile?

Apple confirmed last week that all iPhones, iPads and Mac computers are affected by two major flaws in computer chips, in this instance dispelling the popular misconception that iOS devices are more secure than Android.

All Mac systems and iOS devices are affected, but there are no known exploits impacting customers at this timeApple said in blog post on the issue.

Exploits like these are harder, but not impossible, to execute on mobile devices due to the limited instruction set available to developers. Nevertheless, Apple patched their kernel on iOS 11.2 and Google released a security patch for this before the weekend.

What does this mean to Wandera customers?

Wandera’s cloud service providers have patched the servers, meaning Wandera services are secure from the chip flaw. There are also a few other ways in which Wandera can prevent malicious actors exploiting the flaw within your fleet.

As the chip flaw is concealed within the hardware itself, it would not be flagged with a typical on-device security app, as it would not have privileged access to the device hardware. Wandera however, has visibility beyond the application level and can help in a number of ways.

1.  We block malicious sites and apps at the source

Firstly, Wandera’s secure mobile gateway works at proxy level blocking malicious sites and applications at the source, before they have the opportunity to take hold of your device.  

With any form of attack, the exploit itself is not enough to result in a breach. In order to extract the information needed from the device, the malicious actor will need to communicate with the Command & Control server to retrieve the information they need to conduct the attack.

intel.

2. We detect unusual behavior

MI:RIAM, Wandera’s mobile intelligence engine, is constantly on the lookout for unusual behavior if the chip flaw vulnerability were to be exploited. Using Wandera’s global footprint of mobile devices MI:RIAM identifies patterns of risk, detecting zero-day exploits like Meltdown and Spectre at the source.

Take the resurgence of SLocker malware last year, for example. Only the advanced intelligence of MI:RIAM could surface the secretive return of this malicious strain of malware. Drawing upon millions of historical data points, MI:RIAM was able to detect the variations of malware that the hackers had created to bypass conventional security scans.

If an attack launches on the device where the malicious actor attempts to remove restrictions imposed by the manufacturer or operator to allow the installation of unauthorized software, Wandera’s advanced Jailbreak detection can intervene.

3. We continually evaluate and assess applications

Wandera will inform admins of any users that are running outdated operating systems that will not be protected by the recent iOS and Android patches. Wandera can also provide insight into applications, if and when, they decide to exploit the vulnerability.

Our App Insights report delivers a comprehensive list of apps that are being used across the mobile device fleet, complete with versioning details and additional metadata. The report also provides a complete security assessment for each app, including an analysis of the permissions requested and the network resources accessed by the app.

app insights.

Speak with an expert

If you’d like advice on how to keep your mobile estate protected from Spectre, Meltdown and other zero-day exploits, get in touch with Wandera representative today.  

Wandera’s cloud service providers have patched the servers, meaning all Wandera services are secure from the Intel chip flaw.

Get a free demo of Wandera

Protect your corporate devices, keep track of mobile data usage and ensure policy compliance. Get in touch to talk to one of our experts and see our award-winning platform for yourself.</>

Request a Demo