Meltdown and Spectre: What you need to know!
Here we are at the start of 2018 with a significant security issue that has a known resolution ready to go. Sound familiar? Well it probably should because we started 2017 pretty much the same way. As you might recall, the Shadow Brokers had disclosed the SMB exploits that later led to many global cyber security events.
The CPU vulnerabilities known as Meltdown (Intel only) and Spectre (Intel, AMD, and Arm) were discovered by several independent researchers using multiple proof-of-concept examples of the attack methods. They stole credentials in real time and did other interesting things like allowing a user mode process in a VM environment to gain access to other data being processed on the same physical hardware. For some light reading on the issues please see the following list.
- CERT Vulnerability Note VU#584653
- Intel Security Advisory (Intel-SA-00086)
- Microsoft Security Advisory (ADV180002)
There have been several days of headlines, write-ups, PoC posts, and more on what the issues are. I want to focus more on the actions everyone should be taking and share a few of the write-ups on that. All the advisories outlined above give the same basic guidance:
Read the entire article here, Meltdown and Spectre: What you need to know!
Via the fine folks at Ivanti.