As many of you have may have read recently, Google researchers have highlighted significant vulnerabilities found in a number of processor chipsets.
These have the potential to leak passwords and other sensitive data to malicious programs running on the device. At this time, there is no evidence that these are being actively exploited, but the general expectation is that they will within a reasonably short period of time.
Meltdown
This consists of a single vulnerability in Intel chipsets, and is described as the easiest of the vulnerabilities to exploit. Operating system manufacturers are currently providing patches to mitigate this issue, although it is expected that there may be cases where system performance is degraded after the patch is applied.
Spectre
This consists of two vulnerabilities in virtually all processors from all manufacturers, due to a common design flaw. This is expected to be very much more difficult to exploit – but also much more difficult to mitigate. It is expected that a hardware refresh would be required to fully mitigate these vulnerabilities.
What are we doing about this?
We are actively working to investigate the impact of these vulnerabilities across our clients landscapes, as well as working with the relevant responsible providers to mitigate.
Microsoft patches to mitigate the Meltdown vulnerability are currently being tested in the Colt911 Solutions environments and will be pushed to the all clients commencing January 8. All client environments are different thus we are ensuring each environment is patched accordingly. Emergency patching protocols have also been established for server environments.
Remember that these vulnerabilities also impact your home devices (computers, tablets, smart phones, smart devices etc.) so do keep all such devices updated with the manufacturers’ latest patches. It is important that you reboot your devices after the patch is applied.
For other devices – such as iPhones or Android phones – please ensure that you apply the latest security patches when available.
Details of these vulnerabilities have not been fully published or analyzed by all vendors. It is expected that additional information and mitigation strategies will be documented in the coming weeks.
External Reference(s)
Trend Micro Blogs
- Fixing the Meltdown and Spectre Vulnerabilities (Trend MIcro SimplySecurity Blog)
- Meltdown and Spectre Intel Process Vulnerabilities: What You Need to Know (Trend MIcro Security News)
- A Rundown of Microsoft’s New Patch Deployment Process (Trend Micro Security News)
Microsoft Information
- Microdoft Security Advisory (ADV180002)
- Important information regarding the Windows security updates released on January 3, 2018 and anti-virus software (KB4072699)
- Windows 10 version 1709 Update Information (KB4056892)
- Windows 10 version 1607 and Windows Server 2016 Update Information (KB4056890)
- Windows Server 2008 R2 SP1 and Windows 7 SP1 Update Information (KB4056897)
- Information on how to download updates directly from the Windows Update Catalog (KB323166)
Other 3rd Party Information