Wrangling with the Ghost: An Inside Story of Mitigating Speculative Execution Side Channel Vulnerabilities

Conference: BlackHat USA 2018



Microsoft's approach to researching and mitigating speculative execution side channel vulnerabilities
  • Microsoft brought in experts and collaborated across the industry to mitigate the new class of hardware vulnerability known as Meltdown and Spectre
  • They created a taxonomy and framework to reason about the attacks and mitigation strategies
  • Mitigations involved a combination of hardware and software changes, such as using the /Qspectre compiler flag and making use of indirect branch controls
  • New variants of the vulnerability were discovered and mitigated by identifying vulnerable code patterns and inserting appropriate serialization
  • Microsoft launched a speculative execution side-channel bounty for new variants
  • The impact of the vulnerabilities was massive, potentially leaking information across nearly every security boundary
The presentation describes Microsoft's Incident Response process and how the company brought in an expert to help it understand the new class of vulnerability. The presenters also highlight the importance of collaboration across the industry in mitigating these issues.
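The bullet on identifying vulnerable code patterns and inserting serialization refers to the "bounds check bypass" (variant 1) pattern. The following C illustration is added here and is not code from the talk or from Microsoft; the `SPECULATION_BARRIER` macro, the sample tables and the function names are constructed for the example, and the barrier is an `LFENCE` on x86 only.

```c
#include <stddef.h>
#include <stdint.h>
/* Speculation barrier. On x86, LFENCE serializes: loads after it are not
 * issued until the preceding bounds check has resolved. Other targets get
 * a no-op (an assumption so the example compiles and its results check). */
#if defined(__x86_64__) || defined(__i386__) || defined(_M_X64) || defined(_M_IX86)
#  include <immintrin.h>
#  define SPECULATION_BARRIER() _mm_lfence()
#else
#  define SPECULATION_BARRIER() ((void)0)
#endif

#define TABLE_LEN 16
/* Constructed sample data: a small table, and a second array indexed by a
 * value read out of the first. */
static const uint8_t table[TABLE_LEN] = {
    3, 7, 11, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67, 71 };
static uint8_t derived[256];

/* Fills the second array with a constructed pattern; returns its size. */
int init_derived(void) {
    for (size_t i = 0; i < 256; i++)
        derived[i] = (uint8_t)(i ^ 0xA5);
    return 256;
}

/* Variant 1 ("bounds check bypass") pattern: the check is correct
 * architecturally, but while a mispredicted branch is still resolving,
 * both dependent loads can execute with an out-of-range idx. */
uint8_t lookup_unmitigated(size_t idx) {
    if (idx < TABLE_LEN)
        return derived[table[idx]];
    return 0;
}

/* Mitigated form: the serializing instruction goes between the bounds
 * check and the first dependent load, which is where a compiler inserts
 * it once it has recognized the pattern. */
uint8_t lookup_serialized(size_t idx) {
    if (idx < TABLE_LEN) {
        SPECULATION_BARRIER();
        return derived[table[idx]];
    }
    return 0;
}

/* The barrier changes timing only, never results: both forms agree on
 * every index, in range and out. */
int mitigation_preserves_results(void) {
    for (size_t i = 0; i < 4 * TABLE_LEN; i++)
        if (lookup_unmitigated(i) != lookup_serialized(i)) return 0;
    return 1;
}
```

Compilers such as MSVC with /Qspectre automate exactly this insertion, but only for patterns they recognize, so code review for the same shape remains part of the mitigation work.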


2018 started off with a bang as the world was introduced to a new class of hardware vulnerability which became known as Meltdown and Spectre. New classes of vulnerabilities are exceedingly rare, and this one came with ramifications for the security boundaries that web browsers, operating systems, and cloud providers rely on for isolation to protect customer data. Now, rewind back to the summer of 2017. This disclosure and the industry response were months in the making. A new class of vulnerability comes with challenges rarely mounted and the need to pull back to examine our thinking.

In this presentation, we will describe Microsoft's approach to researching and mitigating speculative execution side channel vulnerabilities. This approach involved bringing together experts from across Microsoft, hiring an industry expert to accelerate our understanding of the issues, and collaborating across the industry in a way not done previously. This team presentation between Microsoft and G DATA will provide a firsthand account of the engineering-centric work done and the collaboration necessary to mitigate these issues. We will describe the taxonomy and framework we created, which provided the industry foundation for reasoning about this new vulnerability class. This work built on the initial researcher reports and expanded into a larger understanding of the issues. Using this foundation, we will describe the mitigations that Microsoft developed and the impact they have on Spectre and Meltdown.