A targeted attack is more likely than a worm to exploit a low-risk vulnerability. Most, if not all, vulnerabilities that can be used by a worm would be classified as high risk through basic vulnerability analysis. Enterprises shouldn't completely ignore low-risk vulnerabilities, but should focus their resources based on the overall impact of a security incident, or the results of an audit or assessment. In a targeted attack, a skilled attacker can chain different vulnerabilities together to gain access to an individual system and then use that access to attack the rest of the network.
This proof-of-concept attack, which combines memory deduplication and a Rowhammer exploit, is low risk. It is very unlikely that a Rowhammer-based exploit will be used in a worm, but a Rowhammer and Microsoft Edge attack could be used to capture a targeted password, which could then be used to further attack an enterprise. Researchers from Vrije Universiteit Amsterdam in the Netherlands outlined the specific scenario necessary to extract a password from a targeted system.
For enterprises that have performed a risk assessment and identified this attack as a high enough risk to mitigate, there are few steps they can take to limit the impact of an attack using Rowhammer. The most important step is to not browse untrusted websites from servers that could be targeted, but this doesn't protect virtual systems or terminal servers using vulnerable DDR3 or DDR4 memory. The researchers are working with Microsoft to devise a mitigation for this attack.