Cyber Security Threat: Meltdown & Spectre

Microsoft and other vendors have released emergency updates to protect against vulnerabilities discovered in the last day or two related to a serious security flaw. These updates combat two known threats called Meltdown and Spectre.

Meltdown is a vulnerability that affects any Intel chip-based computer system. This includes tablets, workstations, laptops, and servers. It affects all operating systems.

The Spectre threat affects all Intel, ARM, and AMD powered computers. This includes smartphones and tablets as well.

The flaws could allow an attacker to access sensitive data stored in memory, such as passwords, email, documents, and more. It is said that billions of devices are impacted. Combined, these two flaws pose a serious threat to your company's infrastructure of workstations and servers.

Recommendations:
1) Patch your Microsoft servers and workstations immediately. Microsoft has released updates to address these vulnerabilities. The updates are available by checking for updates or through manual download. Currently supported operating systems (Windows 7/10, Windows Server 2008 R2 – Windows Server 2016) are covered. End-of-life operating systems have no protection from this.
– Windows 7/10 – Security Advisory
– Windows Server 2008 R2 – KB4056897
– Windows Server 2012 – KB4056899
– Windows Server 2012 R2 – KB4056898
– Windows Server 2016 – KB4056890

2) Update your hardware BIOS firmware.
– This applies to both workstations and servers.
– It is unknown to what extent Dell/HP will be releasing firmware updates. I suspect servers from within the last 4-6 years will get addressed. Anything older may not.

3) Patch/update your anti-virus protection.
– Some AV products may need to be updated before applying the Microsoft updates, as an outdated AV product could prevent the needed changes from being applied.

4) Patch/update your VMware systems – Read more

5) Patch/update your Apple (more) or Linux systems (more).

6) Use a firewall with advanced security protection and advanced capture protection – SPaaS
This helps protect systems at the network gateway level by preventing malicious downloads and intrusions into your network.

7) Watch for updates to be released for your smartphone.
– [01/09/2018] Apple released iOS 11.2.2 (iPhone/iPad) to address this problem.

Reality:
Reality sets in for most: fixing everything instantly is neither possible nor likely to be an easy venture. The problem is not as simple as applying a software patch and restarting the computer. It goes deeper: making required registry changes, applying Microsoft patches, updating anti-virus software, and updating hardware (e.g. Dell) BIOS firmware, most of which were only just released. Many of these steps will have to be performed manually on each system to get the latest round of updates to show up, download, and install. This is rather time-consuming when it comes to checking 5, 20, or 100 systems. Despite the effort, it is advisable to take immediate action to protect your systems.
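
To cut down the per-system checking described above, the following added example (not code from the original article or from Microsoft) queries a list of servers and reports whether the KB listed for each operating system in recommendation 1 is installed. It assumes Windows PowerShell 3.0 or later on the admin machine and WMI/DCOM access to each host; the host names and function names are hypothetical placeholders.

```powershell
# Added example: audit Windows servers for the KBs listed in recommendation 1.
# Assumption: the account running this can query WMI on each target host.

# KB numbers exactly as listed on this page, keyed by a fragment of the OS caption.
# Order matters: the "R2" entries must be tested before plain "Server 2012".
$KbByOs = @(
    @{ Match = 'Server 2008 R2'; Kb = 'KB4056897' },
    @{ Match = 'Server 2012 R2'; Kb = 'KB4056898' },
    @{ Match = 'Server 2012';    Kb = 'KB4056899' },
    @{ Match = 'Server 2016';    Kb = 'KB4056890' }
)

function Get-ExpectedKb([string]$Caption) {
    foreach ($entry in $KbByOs) {
        if ($Caption -like "*$($entry.Match)*") { return $entry.Kb }
    }
    return $null   # e.g. Windows 7/10, for which the page lists no KB number
}

function Test-MeltdownSpectreKb {
    param([string[]]$ComputerName = @($env:COMPUTERNAME))
    foreach ($name in $ComputerName) {
        $row = [ordered]@{ Computer = $name; OS = $null; ExpectedKb = $null; Status = $null }
        try {
            $os = Get-WmiObject -Class Win32_OperatingSystem -ComputerName $name -ErrorAction Stop
            $row.OS = $os.Caption
            $row.ExpectedKb = Get-ExpectedKb $os.Caption
            if (-not $row.ExpectedKb) {
                $row.Status = 'NoKbListed'
            } elseif (Get-HotFix -Id $row.ExpectedKb -ComputerName $name -ErrorAction SilentlyContinue) {
                $row.Status = 'Installed'
            } else {
                # A later cumulative update can supersede the listed KB,
                # so NotFound means "verify by hand", not "definitely unpatched".
                $row.Status = 'NotFound'
            }
        } catch {
            # Host offline, firewalled, or access denied: report it instead of stopping the run.
            $row.Status = "Unreachable: $($_.Exception.Message)"
        }
        [pscustomobject]$row
    }
}

# Hypothetical host names; replace with your own inventory.
Test-MeltdownSpectreKb -ComputerName 'SRV-EXAMPLE-01', 'SRV-EXAMPLE-02' | Format-Table -AutoSize
```

This only confirms the operating system patch; BIOS firmware and anti-virus updates from recommendations 2 and 3 still have to be checked separately.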

Addressing this problem in the future:
At Analytics, we can help you address security and critical patching updates with our Proactive Server Maintenance, Managed System Patching, and Asset Management Solutions. We can manage and automate updates and patching of your systems across your entire infrastructure. This can be done on a scheduled basis and/or when updates are needed to address a security threat. Partnering with Analytics to manage this for you allows you to focus on your business and do what you do best.

Contact us to find out more about our proactive solutions for your business today.

More information and references:
• “Late last night, Microsoft issues out-of-band updates that address Meltdown and Spectre, two security flaws said to be affecting almost all CPUs released since 1995.” – BleepingComputer

• Major chip flaws affect billions of devices – CNN Tech

• Bugs in modern computers leak passwords and sensitive data – Read more

• What you can do right now about the severe Intel chip security flaw – Read more

• Trend Micro Solutions – Read more

• Meltdown and Spectre Vulnerabilities: A SonicWall Alert