Spectre and Meltdown Chip-Based Security Vulnerabilities – Where Are We Now?

In January we learned about a pair of cybersecurity vulnerabilities called Spectre and Meltdown.  Discovered last summer by different security researchers, these vulnerabilities are proving difficult to mitigate because the problem exists in the way central processing units (CPUs) have been designed and manufactured.  These processor cores are at the heart of all computer hardware, from PCs and servers to smartphones, networking gear, you name it.  Hardware problems, as opposed to operating system or application vulnerabilities, are not easily mitigated.  The best fix would be to replace the defective hardware.  But since this issue affects nearly every processor manufactured in the last 20 years, replacement is not a realistic option.

Patches have been pushed out, but some have produced new problems.  Some of the early fixes have been plagued by a marked decrease in performance, up to 30%, or by systems that continuously reboot or won’t boot at all.  New patches then have to be pushed out to fix the bad patches.

To help with this herculean task, Microsoft has developed an update to its Windows Analytics service that lets information technology professionals analyze how Meltdown and Spectre patches have been deployed to individual systems across the LAN, and where security patching still needs to happen.

The service is available for Enterprise, Professional, and Education editions of Windows 7 SP1, Windows 8.1, and Windows 10, and presumably current Server versions.  It requires an Azure Active Directory subscription.

The new features include:

  • Windows OS Security Update Status – This will show which Windows security updates are running on each device, and if any of the updates has been disabled.
  • Firmware Status – This report shows what chipset firmware version is installed on any device.
  • Anti-malware Status – This will show if any Windows updates are incompatible with the installed endpoint anti-malware product.

If you are running a Microsoft network, this is a tool that may be beneficial for your IT department.

Additionally, Intel has recently published information on which systems can safely receive its microcode updates that mitigate variant 2 of the Spectre vulnerability.  You will need an Intel account to log in for the information.

The really bad news is that most of these patches and updates offer only a partial fix, and to some extent this vulnerability will continue to exist until the current installed base of devices is eventually replaced with new gear.  In the interim, hardware exploits will be added to the tool kit of cyber-criminals, government intelligence agencies, and other bad actors.  Not good news to be sure.


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments. I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com