Understanding the Spectre/Meltdown Exploits

Posted by Kevin Davis - January 05, 2018 - IT Security, security

SQ_Blog_CyberAlert.jpgA hardware security flaw has been reported this week that affects processors manufactured by Intel, AMD, ARM and POWER.  This vulnerability, if exploited, would be executed through malware infections, and could gather sensitive data such as passwords and encryption keys from computing devices.

SymQuest is closely monitoring vendor patch releases and will be coordinating updates as they are available. We have included our risk mitigation options below: 

While this security flaw is concerning, the immediate risk of a cyber attack is very low.  Additionally, processor manufacturers state that this particular exploit is a read-only exploit and cannot corrupt, modify, or delete data.  All manufacturers are working with their vendors to quickly publish patches to address this issue.


MICROSOFT

Microsoft is issuing an out-of-band security update to supported versions of Windows, these versions include Windows 10 and Server 2016.  Older software updates will be automatically starting next Tuesday, during Microsoft Patch Tuesday.  The Microsoft patch will address processors by Intel. AMD, and ARM manufacturers.Deployment Mechanism

  • Windows 10 systems and Server 2016 will be automatically updated today (January 5, 2017), once released by Microsoft.
  • Windows 7 or 8 will be updated during your next regular patching window, starting as early as next Tuesday

VMWARE

VMware has already released patched for the  CVE-2017-5753 and CVE-2017-5715 vulnerabilities for ESXi versions 5.5, 6.0, and 6.5(along with VMware Workstation and Fusion).  Information on where to find the patched is located at https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html.  So far, existing environments in which SymQuest performs quarterly patching to ESXi hypervisors have not experienced any noticeable performance degradation as a result of the patches, however; we recommend that you exercise caution when rolling out these updates to ensure user experience is unaffected by these measures.


There is speculation and disagreement on the actual performance impact of initial patches (between 10% and 30% decrease in performance) but the individual impact is also determined by the specific activities, workloads, and processes that are being handled by the processers.

Patches for other operating systems and environments are being released to remedy the issue but it should be expected that there will be more refined updates coming out in the next few weeks to attempt to decrease performance impact, and address the vulnerabilities.

If you have immediate questions about this exploit please call 1-800-374-9900 or email CustomerService@SymQuest.com and we will be happy to assist you.  

about the author

Kevin Davis

Kevin Davis is currently the Vice President of Service and Support for SymQuest, and is based in the South Burlington, VT and West Lebanon, NH office locations. Davis is responsible for the network and client support teams at SymQuest. Davis started with SymQuest in April of 2007 as an Incident Response Engineer. His love for customer service and technology quickly led him through various engineering positions where his passion for process improvement and motivating team members advanced him to management positions with increasing responsibilities leading to his present role as Vice President of Service and Support. Kevin holds many industry IT certifications and was a member of True Profits Group.

Kevin Davis
LinkedIn

Comments