April 13, 2018 Twin State Technical Services ref: Meltdown and Spectre Vulnerabilities
It seems fitting on Friday the 13th to talk about some of the scarier results in technology vulnerabilities. The design flaws in chipsets will take 3 – 5 years of architecture redevelopment to completely eliminate – so as a consumer, you don’t need to hold off on buying a laptop or surface – and in the meantime, vendors continue to release updates mitigate risks to computer systems and users.
Twin State is actively monitoring the corrective patches for the “Meltdown” and “Spectre” vulnerabilities. Below are many links and statements from numerous sources that convey the current temperature of the issue. Some background on the issue: There are three known vulnerabilities. One is called Meltdown and the remaining two are called Spectre, but the two have different flaws. These different types of vulnerabilities are called “Variants”.
- Variant 1 is Spectre (CVE 2017-5753)
- Variant 2 is Spectre (CVE 2017-5715)
- Variant 3 is Meltdown (CVE 2017-5754)
Of these three variants, Variant 1 and 3 are easily fixed and patched. The issue is with Variant 2. All fixes presented by Intel, Microsoft, etc. have caused serious performance degradation and in many cases, the computer received the Blue Screen Of Death (BSOD), especially with those computers that have the AMD processors. The flaw has been present for 20 years or more and as of the time when the issue was made public, there were no known exploits in use. Since the public announcement, however it can be assumed that malicious hackers are pouring over the details of the vulnerabilities. On Jan 11th, Intel told several of their most important customers to avoid installing the patches until further notice. This does not mean they’ve stopped working on the fix, but it does mean that we at Twin State are increasing our efforts to make sure our customer’s devices are as protected as possible. One of the most important and easiest ways that we’re doing this is through your Anti-Virus (AV). Microsoft has released patches and updates that will ensure the most secure system possible during this ‘in-between patches’ time. Microsoft has identified a registry key that needs to be modified by your AV to receive their update. In fact, without this Registry change, you will no longer be able to receive any Microsoft updates. They have published a table that shows which AV companies have complied with the requirement and only require you to update your AV to modify the key. The rule of thumb here is to Update your AV, then update your system with the latest Microsoft updates. Along with Firmware updates to your devices (which should be done regularly anyway), is to just be cautious about opening unknown emails, browsing to internet sites that are questionable, or installing software of any type that may not be necessary or approved. Doing these simple things will help keep you safe and is just good practice. Twin State is committed to ensuring your data is safe and secure and we will continue to make sure your systems are as secure as possible. If you have any additional questions or concerns, please feel free to reach out to us at (563) 441-1504.
For additional information:
- https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
- https://support.microsoft.com/en-us/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software
- https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html