Spectre and Meltdown Chip Based Security Vulnerabilities – Where Are We Now?

In January we learned about a pair of cybersecurity vulnerabilities called Spectre and Meltdown.  Discovered last summer by different security researchers, these vulnerabilities are proving difficult to mitigate because the problem exists in the way central processing units (CPUs) have been designed and manufactured.  These processor cores are at the heart of all computer hardware, from PCs and servers, to smartphones, networking gear, you name it.  Hardware problems, as opposed to operating system or application vulnerabilities, are not easily mitigated.  The best fix would be to replace the defective hardware.  But since this issue affects nearly every processor manufactured in the last 20 years, replacement is not a realistic option.

Patches have been pushed out, but some of them have produced new problems.  A marked decrease in performance, up to 30%, systems that continuously reboot, and systems that won’t boot at all have plagued some of the early fixes.  New patches then have to be pushed out to fix the bad patches.

To help with this herculean task, Microsoft has developed an update to its Windows Analytics service to help information technology professionals analyze how Meltdown and Spectre patches have been deployed to individual systems across the LAN, and where security patching still needs to happen.

The service is available for Enterprise, Professional, and Education editions of Windows 7 SP1, Windows 8.1, and Windows 10, and presumably current Server versions.  It requires an Azure Active Directory subscription.

The new features include:

  • Windows OS Security Update Status – This will show which Windows security updates are running on each device, and if any of the updates has been disabled.
  • Firmware Status – This report shows what chipset firmware version is installed on any device.
  • Anti-malware Status – This will show if any Windows updates are incompatible with the installed endpoint anti-malware product.

If you are running a Microsoft network, this is a tool that may be beneficial for your IT department.

Additionally, Intel recently published a list of the systems to which its microcode updates can safely be applied to mitigate variant 2 of the Spectre vulnerability.  You will need an Intel account to log in for the information.

The really bad news is that most of these patches and updates offer only a partial fix, and to some extent this vulnerability will continue to exist until the current installed base of devices is eventually replaced with new gear.  In the interim, hardware exploits will be added to the tool kit of cyber-criminals, government intelligence agencies, and other bad actors.  Not good news to be sure.

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Practitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speaker at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.