Spectre and Meltdown Chip Based Security Vulnerabilities – Where Are We Now?

In January we learned about a pair of cybersecurity vulnerabilities called Spectre and Meltdown.  Discovered last summer by different security researchers, these vulnerabilities are proving difficult to mitigate because the problem exists in the way central processing units (CPUs) have been designed and manufactured.  These processor cores are at the heart of all computer hardware, from PCs and servers, to smartphones, networking gear, you name it.  Hardware problems, as opposed to operating system or applications vulnerabilities, are not easily mitigated.  The best fix would be to replace the defective hardware.  But since this issue affects nearly every processor manufactured in the last 20 years, replacement is not a realistic option.

Patches have been pushed out, but some of them have produced new problems.  Some of the early fixes have been plagued by a marked decrease in performance, up to 30%, or by systems that continuously reboot or won’t boot at all.  New patches then have to be pushed out to fix the bad patches.

To help with this herculean task, Microsoft has developed an update to its Windows Analytics service that lets information technology professionals analyze how Meltdown and Spectre patches have been deployed to individual systems across the LAN, and where security patching still needs to happen.

The service is available for Enterprise, Professional, and Education editions of Windows 7 SP1, Windows 8.1, and Windows 10, and presumably current Server versions.  It requires an Azure Active Directory subscription.

The new features include:

  • Windows OS Security Update Status – This will show which Windows security updates are running on each device, and if any of the updates has been disabled.
  • Firmware Status – This report shows what chipset firmware version is installed on any device.
  • Anti-malware Status – This will show if any Windows updates are incompatible with the installed endpoint anti-malware product.

If you are running a Microsoft network, this is a tool that may be beneficial for your IT department.

Additionally, Intel has recently published information on which systems can safely receive its microcode updates to mitigate variant 2 of the Spectre vulnerability.  You will need an Intel account to log in for the information.

The really bad news is that most of these patches and updates offer only a partial fix, and to some extent this vulnerability will continue to exist until the current installed base of devices is eventually replaced with new gear.  In the interim, hardware exploits will be added to the tool kit of cyber-criminals, government intelligence agencies, and other bad actors.  Not good news to be sure.

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instructor for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com