Meltdown and Spectre FAQs
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These bugs allow programs to steal data being processed on the computer. Meltdown and Spectre work on personal computers, mobile devices, and in the cloud.
Meltdown
What is Meltdown?
Meltdown breaks the most fundamental isolation between user applications and the operating system. This vulnerabilities allows a program to access the memory, and thus also the secrets, of other programs and the operating system. The intrusion is executed via JavaScript calls from browsers.
Who is affected?
Every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995. Currently, It's only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.
What can I do about it?
For Microsoft endpoints, the following patches were released on January 4, 2018, to address Meltdown.
Microsoft has released this article with the following recommendations:
- Verify that you are running a supported antivirus application before you install operating system or firmware (microcode) updates. Contact the antivirus software vendor for compatibility information.
- Apply all available Windows operating system updates, including the monthly Windows security updates.
- Apply the applicable firmware (microcode) update that is provided by the device manufacturer.
See Microsoft Security Advisory ADV180002 for updates for the following versions of Windows.
Operating system version |
Windows 10 (RTM, 1511, 1607, 1703, 1709) for x64 and x86 based systems |
Windows 8.1 |
Windows 7 SP1 |
Warning
Customers should install all monthly Windows 2018 security updates to receive the benefit of all known protections against the vulnerabilities. In addition to installing these security updates, a processor microcode, or firmware, an update is required. This should be available through your OEM device manufacturer.
Note Surface customers will receive a microcode update through Windows update. For a list of available Surface device firmware (microcode) updates, see KB 4073065.
For Android phones, a security update will be released on January 5, 2018. For more information on Google and Android, you can visit this link here.
For Mac OS / Apple products, Apple has released the following announcement and has already released mitigations in iOS 11.2 and macOS 10.13.2.
Popular browsers such as Chrome, Edge, and Safari are releasing updated versions of their software. Consider upgrading to the latest versions of your browsers.
Spectre
What is Spectre?
Spectre breaks the isolation between different applications. It allows an attacker to trick error-free programs, which follow best practices, into leaking their secrets.
Who is affected?
All modern processors are known to be affected. This includes Intel, ARM, AMD processors.
What's the difference between Meltdown and Spectre?
Meltdown breaks the mechanism that keeps applications from accessing arbitrary system memory. Consequently, applications can access system memory. Spectre tricks other applications into accessing arbitrary locations in their memory.
What can I do about it?
The patches released to resolve Meltdown also include strengthening against Spectre. However, it is currently unclear whether they completely mitigate the vulnerability.
What is Kaseya doing to help?
As stated earlier in the article, the sure fire way to be protected is to keep your machines up to date. As such, leveraging Kaseya Patch Management and Kaseya Software Management will keep your systems up to date.
For users on our Cloud/SaaS platform, we have tested the Microsoft patch before releasing to production and expected fixes are live.
Further Reading
- https://meltdownattack.com
- https://meltdownattack.com/meltdown.pdf
- https://spectreattack.com/spectre.pdf
- https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
- https://developer.arm.com/support/security-update
- https://www.amd.com/en/corporate/speculative-execution
- https://blog.google/topics/google-cloud/what-google-cloud-g-suite-and-chrome-customers-need-know-about-industry-wide-cpu-vulnerability/