What’s In A Name: Meltdown and Spectre
Written by Dan Powers
One of the reasons this latest threat is so complicated is because it’s actually multiple vulnerabilities that were unveiled at the same time. They’re similar in some ways, but differ in important others — a fact hinted at by their names.
According to researchers,
1. Meltdown “basically melts security boundaries which are normally enforced by the hardware.”
2. Spectre, meanwhile, “breaks the isolation between different applications” allowing “an attacker to trick error-free programs, which follow best practices, into leaking their secrets.”
And what does that actually mean? Essentially, either of these vulnerabilities could be theoretically exploited to steal sensitive data, like passwords, off your computer. Spectre is also a threat to your smartphone, so no escape there.
Simply an example of using this to steal passwords: https://youtu.be/RbHbFkh6eeE
Meltdown – Vendors have been extremely quick to help “mitigate” this risk (we say mitigate, because it is still new and none of these software patches can 100% protect you). But, taken these steps are some of the most important patching steps all organizations should be doing with quick haste.
Spectre – This one is a little trickier. Harder to exploit, but also MUCH harder to protect against, some software patches help slow this down, but only some FIRMWARE/BIOS updates will actually fix the issue, and vendors are slower to provide fixes for this. This alone makes this very difficult to manage when you have multiple endpoints/devices/IoT spread across the organization.
We were able to use IBM BigFix (Windows only) to track and help manage this:
Everything above (99%) that shows TRUE (blue), are VUNVERVABLE endpoint devices. But we can keep “TRACK” of how this is being handled.
1. Pie Chart one: More steps are REQUIRED to protect yourself
2. Pie Chart Two: BIOS/FIRMWARE is in need of updates… harder as vendors are slower to update this
3. Pie Chart Three: Shows (Windows) that these devices have NOT installed the latest MS patches to address this issue
4. Bar Chart: Showing the various CPU (can add BIOS data) that is used in the environment.
Learn more about BigFix and our capabilities by visiting: https://www.championsg.com/ibm-bigfix