Intel has said that every model of its processors are open to massive security vulnerabilities nicknamed Meltdown and Spectre. The design flaw allows sensitive data to be stolen from running memory. This could include passwords and crypto keys, for example.
Research has since found that the issue most likely isn’t contained just to Intel chip sets. The team over at Google who discovered this bug have indicated that many more processor types are likely affected. This includes AMD, ARM and a few others.
In simple terms, nearly every device may be affected. Your servers, desktops, mobile phones and tablets, firewalls. Over the coming days, more and more vendors will be releasing patches for their hardware.
This vulnerability has been receiving significant coverage across the globe and has been taken very seriously. Over the last few days Microsoft and Amazon have executed emergency patch processes to update their cloud platforms. Apple has also confirmed that all Mac and iOS devices are exposed to this exploit.
It’s also unlikely that any antivirus tools are going to detect an attack using the Meltdown or Spectre exploit. The only way to truly protect yourself is you patch your systems.
You can read more about the Meltdown and Spectre vulnerabilities in simpler terms here: https://meltdownattack.com/
How to protect your systems against Spectre?
Like Microsoft’s Azure, ITConsult has applied patches to protect our hosted platforms and Backup as a Service (BaaS) platforms to mitigate against the Spectre vulnerability. Our virtualisation platforms are not affected by the Meltdown exploit.
Our advice to all our clients is to arrange for emergency patching of all virtualisation platforms immediately. VMware has released patches that are available for immediate release. They can be found here – https://blogs.vmware.com/security/2018/01/vmsa-2018-0002.html.
Microsoft has released patches for Windows Server systems which includes updates for Hyper-V. The Microsoft patches are only part of the fix with Microsoft recommending BIOS updates are required from hardware vendors to close the loop on the vulnerability. Details on the Microsoft patches can be read here – https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution.
As an infrastructure partner, our focus has been solely on server systems and both public and private cloud platforms. It’s important to note that all businesses will need to update all desktops, laptops, Mac systems and mobile phones as soon as patches are released from their respective vendors.
We can appreciate that shoring up your infrastructure against these vulnerabilities can be a big job. If you’d like some help in assessing your risk against these exploits and patching your systems, we can help. Please fill in the form below and we’ll get back to you ASAP to see how we can help you out.