Spectre and Meltdown Affect Intel, AMD, and ARM Processors

Credit: SANS

Note: turns out the CEO of Intel sold off ALL his stocks right after this announcement.

Intel says it plans to have software and firmware updates available by January 12 to address the Spectre and Meltdown vulnerabilities in 90 percent of the affected processors sold since 2013. The flaws affect all processors sold for the past 20 years; Intel says that fixes for older processors will be available in the future. Many companies have issued advisories about the flaws.

Editor’s Note

[Dr. Johannes Ullrich]
There are two reasons to consider not to install this patch: First of all, some anti virus products may not work after it is installed, or may even crash the system. Microsoft tried to cover this part and will disable the patch on affected systems. Secondly, systems may suffer a performance hit, in particular if they use software that heavily relies on syscalls (typically heave IO workloads). This isn’t a remote code execution, so I would test carefully and don’t fall into panic mode. Prioritize exposed shared systems.

[Brian Honan]
All devices that use these chips are affected, so we also need to think about network security devices that may be vulnerable: firewalls, proxy servers, routers, etc. Best to contact the vendors of these devices to get information from them on how they are handling it.
Read more in:
– 
www.sans.org: Meltdown and Spectre – understanding and mitigating the threats
– www.darkreading.com: Critical Microprocessor Flaws Affect Nearly Every Machine
– www.cyberscoop.com: Intel rushes to deploy firmware updates for critical CPU bug by end of next week
– www.reuters.com: How a researcher hacked his own computer and found ‘worst’ chip flaw
– www.us-cert.gov: Meltdown and Spectre Side-Channel Vulnerability Guidance
– isc.sans.edu: Spectre and Meltdown: What You Need to Know Right Now
– portal.msrc.microsoft.com: January 2018 Security Updates
– support.apple.com: About speculative execution vulnerabilities in ARM-based and Intel CPUs
– www.zdnet.com: Major Linux redesign in the works to deal with Intel security flaw

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: