IS YOUR COMPUTER AFFECTED BY THIS WEEK’S VULNERABILITY?
Most likely, your computer – whether a PC or a Mac – could be affected. The best thing you can do is take action to protect your hardware, and thus, your data. Here’s how:
Magna5 is aware of a joint disclosure regarding two critical vulnerabilities in modern processors called Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). Both exploits allow software programs to gather sensitive data when it is currently being processed on the machine. At the writing of this post, almost all processors made from 1995 to present day are affected. Intel, AMD, Google, Microsoft, Apple, Amazon, ARM and many other companies have confirmed to be affected.
Meltdown – What is it?
The vulnerability allows an attacker to read kernel memory and break isolation between applications and OS. This content could contain passwords and valuable application data. Whether you use a personal machine or a machine in a cloud environment, the underlying hardware is likely affected. This exploit would require access to your local machine with administrative privileges. An attacker may use malware as a delivery mechanism or an already know unpatched issue within your browser or operating system. Many patches are already available to resolve this defect.
Spectre – What is it?
While Meltdown breaks isolation, Spectre tricks applications into revealing its location within memory. This allows applications to leak their information to the attacker. At this point in time, this is extremely difficult to exploit and will likely take time to fix as many processors will have to be re-coded.
Affected Products and Current Fix Status
Internet Browsers – All major internet browsers are affected and here is how you can protect yours.
Microsoft Internet Explorer\Edge – Install the latest Windows Updates for your system, see below for more detail
Mozilla Firefox – Update to 57.0.4 to resolve both exploits
Chrome – Fix due on or before Jan 23, 2018
Safari – Update to 11.0.2
Windows Operating Systems
Windows Server 2016 \ Windows 10 – Install KB4056890
Windows Server 2012 R2 \ Windows 8.1 – Install KB4056898
Windows Server 2008 R2 \ Windows 7 SP1 – Install KB4056897
If the patch does not show as needed through Windows Updates, it is most likely due to third party Antivirus being present. Security vendors are required to confirm compatibility before the patch shows available for install. Currently many Antivirus companies have not yet approved the patch. This would also leave both Microsoft IE and Edge vulnerable to exploit. Workarounds are available to install manually, but it is currently not recommended.
Many other devices are currently affected by this. Apple has detailed all of their Mac and iOS devices are vulnerable. Google has determined all of their phones are vulnerable but if you are on the latest software update you are safe. Cloud providers such as Microsoft Azure and Amazon AWS are currently patching their underlying systems to resolve these exploits. VMware is not affected by Meltdown, but it is affected by both Spectre variants. VMware has released patched to address the exploits.
Magna5 can help you secure your Technology & Communications Infrastructure
Magna5 is currently working to upgrade all hosted infrastructure to resolve these exploits. We are actively working on deploying the required patches to our Patch Management and Managed Antivirus customers. If you require assistance in resolving these issues or need more information please contact the Operations Center (firstname.lastname@example.org)
Update: Existing Magna5 Managed Detection and Response customers have appliances that help identify systems on your network that have not been patched and systems that may be exploited by Meltdown and Spectre. Vulnerability and network IDS signatures have been updated to identify vulnerable systems of the various attack vectors. This means that if your organization is vulnerable, Magna5 will know and be able to respond quickly.