Spectre and Meltdown Notification

Many of you may have seen in the media or heard form a friend about the computer vulnerability called Spectre and Meltdown.  This is a significant vulnerability in the sense that it impacts a very large amount of devices from Computers, Phones, Laptops and tablets.

The threat that has been discovered is at a very low hardware level.  Intel have also acknowledged that this issue exists. In simple terms the vulnerability allows at the chip level an application to potentially access the Random Access Memory in use by other applications.  This would potentially mean that information currently in the memory could at that specific point in time be accessed. The risk is minimal that any information could be gathered this way but it is possible.

The complexity for resolving this issue is that the vulnerability is at the chip level. Thus there is no simple software resolution but it is rather risk mitigation. One of the issues with all of the mitigations is that they will incur a performance hit to the system.  There is no definitive amount but estimates are 4%-10%. Also replacing your device with a new one is not the solution as the chip is the issue and until new chips are fabricated this will not change.

To this end Intel, Microsoft, Apple, Android and other Operating systems along with Antivirus Applications are working on and pushing out software patches to aid in mitigating the risk. Microsoft’s Response can be seen here. However, our advice is to proceed slowly with Intel and Microsoft both having some issues with the initial patches they released.  One account had several systems in one company crashing, another where the existing AV software blocked a patch.  That said Microsoft’s patching is now rolling out.  To check if your system has vulnerability there is a tool that can be run for this.  Click here to download the tool

An additional recommendation is also to update the BIOS for all systems, this cannot be completed remotely or via script and will require each system to be addressed individually and onsite.  Whilst an option this would be cost prohibitive on a large scale.

It is important to note that the possibility of accessing this vulnerability so very slim.  You would likely need to be a high level target that is specifically being attacked by a very well organised and complex attack.  In many ways the utilisation of this attack could be described as being out in the middle of the bay with a hand speak and expecting to be able to throw it into the water and catch very specific fish.  the chances are very very small.

If you are an MTI Agreement customer our systems are monitoring and pathing your PCs greatly reducing your attack surface by implementing the mitigation strategies.

No Comments Yet.

Leave a comment