Last week, ADNET published a blog highlighting two new vulnerabilities named Meltdown and Spectre. These vulnerabilities likely affect every computer, server and mobile device released within the past 10 years or more. While the IT security world knew these discoveries were significant, very little factual or reliable information was available. We felt it was important to keep our clients informed, but we also realized that “many of the technical details and possibly widespread effects” were still unclear. Now that a week has passed and more factual information has come to light, we wanted to provide an update on the vulnerabilities along with recommendations for remediation.
What We Know:
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to access secrets stored in the memory of other running programs. This might include passwords stored in a password manager or browser, personal photos, emails, instant messages and even business-critical documents.
Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider’s infrastructure, it might be possible to steal data from other customers. (Credit to Graz University of Technology)
Q&A:
- Are patches available? Yes, there are patches for most mainstream operating systems and applications that are affected by these vulnerabilities. An updated listing can be found here.
- I heard Microsoft’s patch causes problems? Microsoft’s patch to resolve Meltdown and Spectre vulnerabilities for AMD processors has been suspended due to issues with crashing. Microsoft is reportedly working on the issue and an updated patch will be released in the very near future.
- What does this mean? As of today, there are no patches available for AMD based machines, but there are patches available for Intel based machines.
- Will I experience performance issues? While each environment is unique due to hardware and other factors, Microsoft and other creditable vendors are informing their customers to expect slowdowns.
- Will these updates affect my Anti-Virus? The short answer is YES. Each anti-virus vendor is required to provide an update to their product that will support the Meltdown and Spectre security patches. Until this is done, not only will Microsoft not allow their remediation patch to install, they also won’t allow any future Windows Update to be installed according to their recent KB support article.
- Should I install the patch? See our recommendations below.
Recommendations
Due to the volatile nature of this vulnerability and the patching options available at this time; ADNET is providing individual guidance as opposed to making a globalized recommendation. It is our thought that each organization has unique network and business needs and thus each situation should be handled on a case-by-case basis. As an example; installing the security update could cause little-to-no issues on one network, while being completely devastating to another. In situations such as these, testing is a priority.
We understand that our clients look to us for guidance or direction on such matters, and we will continue to post updates as new information becomes available. In the meantime, please don’t hesitate to reach out to us if you have any questions or concerns regarding these vulnerabilities.
More Blogs in this Series: