The solution protects legacy programs from branch target injection without the need to recompile the code. The need for a solution has become urgent for security professionals that fear their systems will be vulnerable to Spectre attacks, which can be vectored to gain access to confidential information. Many companies have rushed to code patches for popular compilers to secure systems from Spectre, but many industries don’t have the luxury of being able to recompile application or source code. Systems, such as those found in IoT, defence, medical or industrial applications can therefore remain vulnerable.
GrammaTech’s Cyber Hardening Services now allow for the protection of critical applications and libraries from Spectre without recompiling. The service performs binary analysis to look for vulnerable areas of code and then adds mitigation code to those locations. The mitigation code follows the ‘retpolines’ approach published by Google.