What You Need to Know About Spectre and Meltdown

It’s 2018 and we are already starting the new year off with two new security risks with the recent processor vulnerabilities called Meltdown and Spectre. On Tuesday January 2, security researchers published a significant finding whereby a flaw in nearly all modern microprocessor chips allow for attackers to gain varying levels of access into protected kernel memory areas. The kernel is the core of a computer’s operating system with complete control over everything on the computer system. Fixes for many OS’s are available in the form of a security patch.

How serious is this?
Meltdown is “probably one of the worst CPU bugs ever found” according to Daniel Gruss, one of the researchers at Graz University of Technology who discovered the flaw. It is very serious in the short term and needs immediate attention. The underlying issue with Meltdown is that anything that runs as an application could potentially steal your data, including passwords and javascript from a web page viewed in a browser.

Spectre is more difficult for hackers to take advantage of but is also more difficult to fix, and is expected to be a bigger problem in the long term.

Who is affected?
These two major flaws in computer chips could leave a huge number of computers and smartphones vulnerable to security concerns, potentially allowing an attacker to read sensitive data stored in the memory. Almost every computing system (desktops, laptops, smartphones, and cloud servers) — is affected by the Spectre bug. Meltdown appears to be specific to Intel, impacting all Intel systems from laptops to servers.

National Cyber Security Centre Guidance:

https://www.ncsc.gov.uk/guidance/meltdown-and-spectre-guidance

US-CERT (United States Computer Emergency Readiness Team) has a helpful list of affected vendors and links to associated remediation steps:
https://www.us-cert.gov/ncas/alerts/TA18-004A

Intel Firmware Update
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

Microsoft released an update for devices running Windows 10
https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892

Potential impact on processors in the IBM Power family (patches available January 9th)
https://www.ibm.com/blogs/psirt/potential-impact-processors-power-family/

Linux system administrators should examine the Linux Kernel Mailing List (LKML) website:
https://lkml.org/lkml/2017/12/4/709

Redhat system administrators should examine this website (which is updated routinely): [8]
https://access.redhat.com/security/vulnerabilities/speculativeexecution?sc_cid=701f2000000tsLNAAY

Suse system administrators should examine this website:
https://lists.suse.com/pipermail/sle-security-updates/2018-January/003562.html

Users and administrators are urged to update their computers with the latest security fixes as soon as possible. We also encourage users to refer to their OS vendors for the most recent information. Due to the fact that the vulnerability exists in CPU architecture rather than in software, patching may not fully address these vulnerabilities in all cases.

Champion is ready to help you evaluate your patching strategy and give you best practices around mitigating risk on this most current security issue. Learn more about our security capabilities at: https://www.championsg.com/services/security

PREV

Importance of Data Lifecycle Management

NEXT

IBM i OS End of Support for v7.1.x in April 2018

WRITTEN BY: