Matrix42 News / Press
Azienda Ben informati

Defend against Spectre and Meltdown vulnerabilities!

AV and NGAV are not able to explicitly defend against Spectre and Meltdown vulnerabilities, but may be able to detect and stop malware that attempts to exploit these vulnerabilities.

Spectre and Meltdown vulnerabilities can be used by hackers to read privileged memory. One such use case is to exploit this as part of a privilege escalation to take over the affected systems. Spectre can also be used as part of a remote exploitation scenario. For example, an attacker can use Spectre to remotely read the entire address space of a browser process by creating malicious Javascript code. Note that another unrelated vulnerability is required to fully exploit the browser.

Multi-layer security: To complement the protection against infections, such as NGAV, we recommend the use of functions to protect against infections, such as enSilo's Endpoint Security Agent. The enSilo software provides full transparency at kernel level on the endpoint and can detect malware threats that exploit Spectre and Meltdown vulnerabilities in real-time.

enSilo had early access to the Windows patch released by Microsoft on January 4, 2018 and had thoroughly tested it last month. No updates to the existing enSilo platform are required to be protected against attacks that exploit this vulnerability. Matrix42's Automated Endpoint Security by enSilo pre- and post-infection pre- and post-infection prevention features can fully protect against malware such as Spectre and Meltdown.