AssuranceData Meltdown/Spectre Security Alert

Spectre and Meltdown Overview and Mitigation Details

Overview: As of January 3rd, 2018, multiple vendors have started publicly releasing patches for CRITICAL security flaws in modern CPU architectures, known as “Spectre” and “Meltdown”.

  • Spectre: Exploits speculative (predictive) execution to allow a user process to see kernel memory
  • Meltdown: Exploits a kernel process flaw that runs rogue data (out-of-order execution) when a process is faulted from a user process

Updates:

  • Windows updates must be MANUALLY DEPLOYED in some cases.
  • The patches can conflict with certain antivirus products and cause a blue screen.
      ◦ To get the patches, a registry key must be set.
      ◦ Some AV vendors are setting the registry key automatically.
  • Other hardware firmware updates are often required.

Mitigations:

  1. Update Firmware on all devices when related patches are released
  2. Update all Operating systems when related patches are released
  3. Provide layered security protections, behavioral analytics, and data transmission monitoring and control
  4. Run Spectre/Meltdown system health checks
  5. Use Spectre/Meltdown exploit detection tools
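
One way to script the system health check in item 4, as an added example that is not part of the original alert or any vendor tool. It assumes a Linux kernel that reports its own status under `/sys/devices/system/cpu/vulnerabilities` (the alert names no operating system or tool for this check); the function names and the sample report values are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise the kernel's own Spectre/Meltdown status report.
# Assumption: Linux with the sysfs "vulnerabilities" directory; kernels that
# predate this interface expose nothing and are reported as unknown.
VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# classify_status STATUS_LINE -> prints OK, AT_RISK or UNKNOWN
classify_status() {
    case "$1" in
        "Not affected"*|"Mitigation:"*) echo OK ;;
        "Vulnerable"*)                  echo AT_RISK ;;
        *)                              echo UNKNOWN ;;
    esac
}

# check_host [DIR] -> prints "name<TAB>verdict<TAB>raw status" per entry.
# Exit status: 0 all OK, 1 at least one AT_RISK/UNKNOWN, 2 no report at all.
check_host() {
    dir=${1:-$VULN_DIR_DEFAULT}
    if [ ! -d "$dir" ]; then
        printf '%s\t%s\t%s\n' no-report UNKNOWN "$dir is missing"
        return 2
    fi
    rc=0
    for name in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$name" ]; then
            status=$(head -n 1 "$dir/$name")
        else
            status="(no entry)"   # kernel patched for some issues only
        fi
        verdict=$(classify_status "$status")
        [ "$verdict" = OK ] || rc=1
        printf '%s\t%s\t%s\n' "$name" "$verdict" "$status"
    done
    return $rc
}

# write_sample_report DIR -> constructed sample of a partly patched host,
# for trying check_host on a machine without the sysfs interface.
write_sample_report() {
    mkdir -p "$1"
    printf 'Mitigation: PTI\n'                    > "$1/meltdown"
    printf 'Vulnerable\n'                         > "$1/spectre_v1"
    printf 'Mitigation: Full generic retpoline\n' > "$1/spectre_v2"
}
```

Run `check_host` with no argument on a live system; a non-zero exit status means the host still needs an operating system or firmware update from items 1 and 2.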