Spectre + Meltdown

What is this new vulnerability?

Computer researchers have recently found that most CPU chips have a hardware bug that has actually been there for years. This is a big deal because it affects almost every computer on your network, including all your workstations and servers, as well as smartphones, IoT devices, and even cloud-based and virtual systems.

These new vulnerabilities are known as Spectre (CVE-2017-5753 and CVE-2017-5715) and Meltdown (CVE-2017-5754). These hardware bugs potentially allow malware to access data that is being processed in memory. Normally, applications are not able to do that because they are isolated from each other and from the operating system. This hardware bug breaks that isolation, allowing code to melt down the security walls using speculative execution.

So, if hackers are able to install malicious software on your computers, they could get access to your passwords stored in a password manager or browser, your emails, or critical and confidential documents and data.  However, at this time there is no evidence of any malicious exploitation of these flaws.

 

How do I protect myself from this?

You need to update and patch all machines. This is going to take some time, as some of the patches are not even available yet. In the meantime, you need to be extra vigilant, keeping security top of mind and remembering to “Think Before You Click”.

For those who are ATManage customers, we are already proactively applying all of the currently released software patches on the systems/devices within your environment that we currently manage. We will continue to monitor new patches as they get released and apply them as necessary to protect those systems against this bug.

For those who are ATProtect customers, we are able to run vulnerability scans against your servers to determine which have or have not received the relevant patches. As exploits for this vulnerability are released, our SOC will monitor SIEM and IDS alerts from your environment in order to detect any malicious activity related to these flaws.

For more information, please contact us at: atsales@appalachiatech.com

Where can I find security advisories of affected companies?

 

Intel: Security Advisory / Newsroom / Whitepaper
ARM: Security Update
AMD: Security Information
Microsoft: Security Guidance / Information regarding anti-virus software / Azure Blog
Amazon: Security Bulletin
Google: Project Zero Blog / Need to know
Apple: Apple Support
Mozilla: Security Blog
Red Hat: Vulnerability Response
Debian: Security Tracker
Ubuntu: Knowledge Base
SUSE: Vulnerability Response
Fedora: Kernel update
Qubes: Announcement
LLVM: Spectre (Variant #2) Patch
CERT: Vulnerability Note
MITRE: CVE-2017-5715 / CVE-2017-5753 / CVE-2017-5754
VMware: Security Advisory
Citrix: Security Bulletin
Xen: Security Advisory (XSA-254) / FAQ