Spectre and Meltdown Chip-Based Security Vulnerabilities – Where Are We Now?

In January we learned about a pair of cybersecurity vulnerabilities called Spectre and Meltdown.  Discovered last summer by different security researchers, these vulnerabilities are proving difficult to mitigate because the problem exists in the way central processing units (CPUs) have been designed and manufactured.  These processor cores are at the heart of all computer hardware, from PCs and servers to smartphones, networking gear, you name it.  Hardware problems, as opposed to operating system or application vulnerabilities, are not easily mitigated.  The best fix would be to replace the defective hardware.  But since this issue affects nearly every processor manufactured in the last 20 years, replacement is not a realistic option.

Patches have been pushed out, but some have produced new problems.  A marked decrease in performance, up to 30%, systems that continuously reboot, and systems that won’t boot at all have plagued some of the early fixes.  New patches then have to be pushed out to fix the bad patches.

To help with this herculean task, Microsoft has developed an update to its Windows Analytics service that lets information technology professionals analyze how Meltdown and Spectre patches have been deployed to individual systems across the LAN, and where security patching still needs to happen.

The service is available for Enterprise, Professional, and Education editions of Windows 7 SP1, Windows 8.1, and Windows 10, and presumably current Server versions.  It requires an Azure Active Directory subscription.

The new features include:

  • Windows OS Security Update Status – This will show which Windows security updates are running on each device, and if any of the updates has been disabled.
  • Firmware Status – This report shows what chipset firmware version is installed on any device.
  • Anti-malware Status – This will show if any Windows updates are incompatible with the installed endpoint anti-malware product.

If you are running a Microsoft network, this is a tool that may be beneficial for your IT department.

Additionally, Intel has recently published a list of the systems on which it is safe to apply its microcode updates that mitigate variant 2 of the Spectre vulnerability.  You will need an Intel account to log in for the information.

The really bad news is that most of these patches and updates offer only a partial fix, and to some extent this vulnerability will continue to exist until the current installed base of devices is eventually replaced with new gear.  In the interim, hardware exploits will be added to the tool kit of cyber-criminals, government intelligence agencies, and other bad actors.  Not good news to be sure.


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.