Meltdown and Spectre CPU Exploits

Understanding the impact of Meltdown and Spectre CPU exploits.

Overview

Recently modern CPU hardware companies have released notices that implementations from the last decade have been found vulnerable to attacks. This design flaw could allow attackers to obtain sensitive information. These two attacks are now known as Meltdown and Spectre.

Impact

To fix the flaw security patches have been released by major industry players. These security patches come with new hardware and software requirements that may break the compatibility with specialized applications such as security products.

Solution

Since these issues are hardware related and vary dependent on specific software, complete fixes will be complex and can take a while to make production. Fortunately while Meltdown is easier to exploit, it’s also easier to patch, while Spectre is a harder problem to patch, it is also much harder to exploit.

Currently vendors like Microsoft, Apple, and Linux are releasing patches that will provide protection against the Meltdown attacks. Unfortunately, the patch causes anywhere from 5%-30% decrease in overall software performance.

CPU vendors are working to release Firmware updates to patch the Spectre exploit but this is slow going.

Additional Notes

One of the biggest affected software products is Antivirus software. Antivirus software uses direct CPU interaction and machine learning to find and mitigate threats. With the patches and firmware updates that are being released AV companies are testing and releasing updates to make sure that they can still protect your devices.

What Williams Innovation is doing?

Williams Innovation is actively testing and deploying patches for all operating systems. As firmware updates are released we will develop a plan of action to make sure all of our managed endpoints are updated and protected.

BitDefender, the AV company that Williams Innovation uses, has already tested and released updates for Windows, MAC, and some Linux platforms as of January 8^th 2018. We have our configuration set to automatically update as the updates become available so that our partners are protected.

As always, we remind users to avoid suspicious email attachments, documents, and websites. Make sure you are using long and complex passwords to prevent unauthorized users from accessing your systems.

For more information regarding these exploits or for any concerns you may have please reach out to use directly by emailing the help desk or calling the office.