How to Protect Yourself Against Meltdown & Spectre Flaws
*Updated to reflect the latest in Spectre and Meltdown exploit news
Since the beginning of January, when the Meltdown and Spectre exploits were first announced to the public, companies have been churning out system patches. It has been an ongoing, collaborative enterprise between processor manufacturers Intel, Qualcomm, AMD, and ARM, and the companies that implement their chips, including Microsoft, Apple, Google, Amazon, and the Linux Project. The results have been mixed, to say the least, raising doubts over the efficacy of these first- and second-wave patches.
This past Friday, January 26, Intel issued a press release addressing its recent chip patches, explaining that they "may result in adverse performance, reboots, system instability, data loss or corruption, unpredictable system behavior, or the misappropriation of data by third parties." Prior to the statement, users were reporting unexpected device restarts, sluggish performance, loss of data, and in extreme cases, system crashes. Unfortunately, Intel is not alone in the struggle for a perfect patch. Lenovo and Dell have both withdrawn new firmware patches, and Microsoft detailed a spike in "vulnerability-related Windows slowdowns." IT services group Red Hat, which became aware of the exploits before they were disclosed to the public, also withdrew Spectre patches. For more sensitive systems, including those in the industrial and medical sectors, these updates have been broached with a certain degree of reservation.
This raises the question: why so many patch-related problems?
For starters, the scope of affected devices is unprecedented. If you own a device that was produced in the past 20 years, it is likely running on a processor affected by these exploits. And because these exploits exist at an architectural level, all software platforms are vulnerable. Furthermore, there is tremendous variety in device type and operating system. Some devices have aged out of applicable updates, and others do not have the bandwidth to efficiently operate under new patches. Spectre, more so than Meltdown, has also proven itself a formidable opponent. It has been harder to patch, as it represents a class of vulnerability rather than a single bug in need of fixing. When describing the scale of Spectre's influence, David Kennedy, CEO of TrustedSec, explained, "We've never seen such an expansive bug like this that impacts literally every major processor."
Of course, the rush for system updates has also attracted the attention of cybercriminals. Looking to capitalize on the confusion surrounding system patches, hackers have already begun to send out malware masquerading as Spectre and Meltdown solutions. In Germany, malicious emails impersonating the Federal Office for Security and IT contained links to seemingly legitimate patches. In the coming weeks, remember to only download system patches directly from legitimate, recognizable sources such as Microsoft or Intel.
CRNtv recently interviewed iCorps CEO Mike Hadley on the Spectre and Meltdown exploits, and the future of vulnerability analysis:
Researchers recently discovered two security flaws that exploit critical vulnerabilities in modern processors. The flaws, dubbed “Meltdown” and “Spectre,” leave generations of processors vulnerable to attack and to the theft of data, including passwords. These hardware bugs allow programs to steal data processed on a device, according to the researchers’ findings. Desktops, laptops, smartphones, and cloud servers may all be affected by Spectre, and essentially every Intel processor is affected by Meltdown.
The Department of Homeland Security has issued this alert on its website. While major technology leaders have issued emergency patches, they are still working to uncover the full impact of these vulnerabilities and next steps. In a public statement, Microsoft said that it “had not received any information to indicate that these vulnerabilities have been used to attack customers at this time.”
iCorps will remain on top of any updates that are released on these vulnerabilities and will post them here if further steps can be taken.
Consider Taking the Following Precautionary Steps to Help Protect Yourself and Your Organization:
Use a modern Operating System such as Windows 10 Enterprise
Patch all applications and core operating systems automatically
Keep anti-virus up to date; we recommend updating more than once per day
Use cloud services that offer advanced protection to validate web traffic
iCorps takes all security threats and their potential impact to our clients very seriously. We firmly believe in being proactive when it comes to technology and arming our clients against cyber threats, downtime, data loss, and disasters. We partner with several different technology leaders to provide comprehensive defense-in-depth cybersecurity solutions to our clients. Although no solution can provide 100% protection, we can help with the implementation of technology safeguards to help you improve your security posture.