Meltdown and Spectre

Meltdown and Spectre Updates

What are Meltdown and Spectre?

Meltdown and Spectre are newly discovered security exploits. They operate on the CPUs of PCs and servers.

What do they do?

Google described the attacks in the following way.

Meltdown breaks the most fundamental isolation between user applications and the operating system. This attack allows a program to access the memory, and thus also the secrets, of other programs and the operating system.

Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets. In fact, the safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre.

What does this mean?

Essentially, if these exploits were used, an attacker could gain access to very secure low-level information inside a system. Passwords and keys could be compromised. The way these attacks work also makes them very difficult to detect and mitigate.

What is to be done?

Operating systems around the world will need to be updated to protect against this attack. Right now most OS vendors are delivering and pushing out updates for their respective products.

For our customers that are subscribed to HubWise Technology Managed Services:

These updates will be pushed out automatically tonight to ensure that you are up-to-date. At this time there is no action for you to take besides leaving your PC on to ensure that it gets the updates. This update will most likely need a reboot, and you will receive a pop-up indicating when to do that.

For our customers that work with us on an hourly basis:

Please contact us about helping you with these updates and ensuring that they are installed.

What are the current risks?

We believe these to be pretty limited right now. The exploit itself is still under embargo from being shown in public, so not many people know how to take advantage of it. This should give everyone enough time to properly patch their systems.

OS Specifics

Windows Server 2016 and Windows 10 – Windows Update KB4056892
Windows Server 2012 R2 and Windows 8.1 – Microsoft Update KB4056898
Windows Server 2008 and Windows 7 SP1 – Windows Update KB4056897

Mac OS – 10.13.2 is already patched – HT208394
iPhone – 11.2.2 available – HT208401

Android Devices – Google says updates were pushed to manufacturers in December, but it will be up to the device manufacturer to release the update for the device. Pixel and Nexus devices will receive updates in the coming weeks. – Android Security Bulletin

We will be keeping this post up-to-date as more information becomes available.