Meltdown Bug Found
Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug called Meltdown. It’s really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer on our network, including your workstation and all servers.
It is important to note that, at this time, the industry is unaware of any active exploitation, but given the scope of these vulnerabilities, it is expected that exploits will be developed.
This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system (OS). This hardware bug breaks that isolation.
If the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.
So, what needs to be done about this Meltdown bug?
All machines on all networks need to be patched. This is going to take some time, as antivirus manufacturers will be writing new updates to their software to help address this issue. Hardware manufacturers are busy writing firmware updates that will need to be installed. Microsoft and other OS manufacturers are also in the process of distributing patches that will help to address the issues. The truth is some of the patches are not even available yet.
You should also prepare for the possibility that some older hardware may require replacement to address this bug.
Systems Managed Clients
Morrison Maierle Systems (Systems) Managed Services Products use several different OS and operating environments. We are in the process of evaluating the impact and applying appropriate remediation including patches and firmware upgrades.
We are currently investigating and performing compatibility testing for our Managed Anti-Virus (AV). We will keep you informed of our progress and of when we will proceed with the required patching.
We are in the process of implementing a plan that will address this issue in a manner that causes the fewest interruptions for our clients and their end-users yet still delivers our high standards for client protection.
You can rest assured that Systems is doing all that can be done to make certain that our managed clients will be taken care of through this possible threat. As stated before, our goal is to ensure that our high standard of service as well as your security and protection are not compromised through this process.
Solutions for Systems Non-Managed clients
Systems recommends that if you choose to address this internally you proceed with caution. This is a newly identified threat with no known usage of these exploits in an attack. The patches and updates designed to address the concern may have undocumented side effects that may affect productivity and/or access to critical services on your network servers and workstations.
The process to fix the Meltdown vulnerability, called Page Table Isolation, needs to be implemented at the hardware, OS, and AV levels. To ensure your systems are protected, the following steps must be taken on each machine:
- BIOS update for the machine
- Update chipset drivers if necessary
- Update of AV software (not just virus definitions)
- Apply OS patches
- Apply appropriate browser updates
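The "Apply OS patches" step can be verified on Linux hosts, because patched kernels report their own Meltdown status. The script below is an added example, not part of the original advisory; it assumes a kernel that exposes /sys/devices/system/cpu/vulnerabilities/meltdown, and the function names, hostnames and inventory lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the advisory): verify the OS patch step on Linux.
# Assumes /sys/devices/system/cpu/vulnerabilities/meltdown is present
# (mainline 4.15+ and vendor backports). Firmware, AV and browser steps
# from the list above are not covered by this check.

# classify_meltdown TEXT -> mitigated | not-affected | vulnerable | unknown
classify_meltdown() {
    case "$1" in
        "Mitigation: "*) echo mitigated ;;
        "Not affected"*) echo not-affected ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# meltdown_status [DIR] -> state of this host. A missing file means the
# kernel predates the reporting interface, so treat the host as unverified.
meltdown_status() {
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    if [ -r "$dir/meltdown" ]; then
        classify_meltdown "$(cat "$dir/meltdown")"
    else
        echo unknown
    fi
}

# audit_report FILE -> FILE holds "hostname<TAB>status text" lines gathered
# from many hosts. Prints each host still needing action; returns 1 if any.
audit_report() {
    rc=0
    while IFS="$(printf '\t')" read -r host text; do
        [ -n "$host" ] || continue
        state=$(classify_meltdown "$text")
        case "$state" in
            mitigated|not-affected) ;;
            *) echo "$host $state"; rc=1 ;;
        esac
    done < "$1"
    return $rc
}

# Constructed sample inventory (hostnames and lines are made up).
sample=$(mktemp)
printf 'ws-01\tMitigation: PTI\nsrv-02\tVulnerable\nold-03\t\n' > "$sample"
audit_report "$sample" || echo "hosts listed above still need the OS patch"
rm -f "$sample"
```

A host reported as unknown has not been confirmed either way and should stay on the to-do list until its kernel is updated.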
Systems is available to help in this process. Please call any one of our offices if you require assistance.
Billings – 406-237-1212
Helena – 406-495-3525
Missoula – 406-542-4855
Bozeman – 406-922-6868
Regardless of your Systems service level, we truly need you to be extra vigilant over the next few months, keeping security top of mind.
Think Before You Click.
If you would like more information, please refer to the exploit overview and applicable security bulletin for your OS.
Exploit overview https://meltdownattack.com/
Microsoft’s bulletin https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
Red Hat’s bulletin https://access.redhat.com/security/vulnerabilities/speculativeexecution
VMware’s bulletin https://lists.vmware.com/pipermail/security-announce/2018/000397.html
Xen’s bulletin https://xenbits.xen.org/xsa/advisory-254.html
Citrix’s bulletin https://support.citrix.com/article/CTX231399
Ubuntu’s bulletin https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown