Meltdown and Spectre FAQs

 

Meltdown and Spectre FAQs

Meltdown and Spectre exploit critical vulnerabilities in modern processors. These bugs allow programs to steal data being processed on the computer. Meltdown and Spectre work on personal computers, mobile devices, and in the cloud.

Meltdown

What is Meltdown?

Meltdown breaks the most fundamental isolation between user applications and the operating system. This vulnerabilities allows a program to access the memory, and thus also the secrets, of other programs and the operating system. The intrusion is executed via JavaScript calls from browsers.

Who is affected?

Every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995. Currently, It's only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.

What can I do about it?

For Microsoft endpoints, the following patches were released on January 4, 2018, to address Meltdown. 

 

Microsoft has released this article with the following recommendations:

  1. Verify that you are running a supported antivirus application before you install operating system or firmware (microcode) updates. Contact the antivirus software vendor for compatibility information.
  2. Apply all available Windows operating system updates, including the monthly Windows security updates.
  3. Apply the applicable firmware (microcode) update that is provided by the device manufacturer.

See Microsoft Security Advisory ADV180002 for updates for the following versions of Windows.

Operating system version

Windows 10 (RTM, 1511, 1607, 1703, 1709) for x64 and x86 based systems

Windows 8.1

Windows 7 SP1

For Android phones, a security update will be released on January 5, 2018. For more information on Google and Android, you can visit this link here.

For Mac OS / Apple products, Apple has released the following announcement and has already released mitigations in iOS 11.2 and macOS 10.13.2.

Popular browsers such as Chrome, Edge, and Safari are releasing updated versions of their software. Consider upgrading to the latest versions of your browsers.

 

Spectre

What is Spectre?

Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets.

Who is affected?

All modern processors are known to be affected. This includes Intel, ARM, AMD processors.

What's the difference between Meltdown and Spectre?

Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory.

What can I do about it?

The patches released to resolve Meltdown also include strengthening against Spectre. However, it is currently unclear whether they completely mitigate the vulnerability.

 

What is Kaseya doing to help?

As stated earlier in the article, the sure fire way to be protected is to keep your machines up to date. As such, leveraging Kaseya Patch Management and Kaseya Software Management will keep your systems up to date.

 

For users on our Cloud/SaaS platform, we have tested the Microsoft patch before releasing to production and expected fixes are live.

Further Reading

 

 

 

Was this article helpful?
3 out of 5 found this helpful
Have more questions? Contact us