Security - Meltdown and Spectre
Contents
1 Overview
A security issue has been found by Google researchers in Intel and AMD processors. https://meltdownattack.com/
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.
Which systems are affected by Meltdown?
Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.
Which systems are affected by Spectre?
Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors.
The good news is that is was found by White Hat hackers. The good guys. They reported the issue to Intel and AMD without telling the world first. This has given the companies a chance to develop responses.
If the issue has been used historically it cannot be detected.
The technical explanation is available here https://lwn.net/Articles/738975/
2 Detection and correction
The primary detection tool to identify if there is an issue is https://downloadcenter.intel.com/download/27150?v=t
The results are put into a text file
The situation is developing globally with many agencies reporting updates as manufacturers create them https://www.cnet.com/uk/how-to/how-to-fix-meltdown-spectre-intel-amd-arm-windows-mac-android-ios/
3 Is bxp affected
All n One take their security and patch management very seriously.
Our servers are updated every Thursday out of hours with a custom security review. Daily, weekly, monthly and quarterly checks all focus on different aspects requiring greater or lesser frequency.
Our office solutions have been managed using ManageEngine Desktop Central for over a year now. Our latest snapshot, as of January 4th 2018, we can instantly see which patches are and aren't applied based on all patches available globally, on machines throughout our organisation.
2018-01-04
- Our one red needs its Firefox, Chrome and CCleaner updated. On a laptop with a staff member not in the office until 2018-03-08. Machine is currently powered off.
- Our one orange is an archived machine which needs its OS and hard drive updated. Machine is currently powered off.
- Our one yellow is a failed hard drive which is being replaced by Infrastructure. Machine is currently powered off.
As part of Desktop Central we also maintain a full machine inventory list which allows us be aware of what firmware updates are required infrastructure wise as soon as they are available.
We also maintain an actively running and what's installed application list to ensure no unauthorised programs are running.
4 Contact
If you have any concerns please contact us at support@bxpsoftware.com and our Security or support teams will respond to help in any way we can.
