As you may be aware, a story recently broke surrounding exploits found in all major processor brands.
“Meltdown” affects every processor manufactured by Intel since 1995 (with a couple of minor exceptions) and although there are no direct links, ARM has also introduced countermeasures against it.
“Spectre” on the other hand affects pretty much every major processor. The exploit is extremely difficult to execute, but it’s a security risk regardless.
What it means for you
Companies have been scrambling to release patches and updates as it not only affects the Processors, but the Operating Systems they run on also.
Here’s a quick 'current state-of-play' breakdown of affected hardware, software and products and what’s being done.
Bad news Apple fans, all products (except Apple Watch) are affected.
The good news, is that the issues have already been mitigated for Meltdown and partial fixes for Spectre. More updates to come shortly. Apple security updates can be found here: https://support.apple.com/en-gb/HT201222
iPhones, iPads, iPod - upgrade to iOS 11.2
MacBooks, iMacs - upgrade to macOS 1.13.2
Safari - upgrade to 11.0.2
Apple TV - upgrade to tvOS 11.2
More patches and updates will be released in the coming weeks.
The main bulk of their products and mitigation status can be found here: https://support.google.com/faqs/answer/7622138
The ones that affect our customers the most however are listed below.
Google Infrastructure (YouTube, Google Ads, Search) - issue mitigated, no further action.
G Suite - issue mitigated, no further action.
Google Chrome - no report on a patch, but customers can now turn on Site Isolation to enhance security. Site Isolation is optional, but forces each website to load it's own process to stop data theft. This can be applied via Group Policy also. Please see this article for more information: https://support.google.com/chrome/a/answer/7581529
Android - a mixed bag, the latest ARM processors were updated in the 2018-01-05 SPL. Update your phone ASAP (if possible).
First things first - Windows XP will NOT be getting this patch. If you have any devices still running this, please get in touch.
There's not much else to say other than all Microsoft products are affected. Microsoft have released a security update on 3rd January, but this is only available with compatible Anti-Virus software. Most of our customers are running compatible Anti-Virus, provided by Tekkers and are therefore protected. The list is quite extensive, so if you have any concerns - please get in touch.
There have been reports of slowness and AMD processors not allowing the device to boot. However, the security risk outweighs the performance hits and we recommend to update ASAP.
We will be rolling out the patches to our customers over the course of this week for Workstations and Servers will be automatically updated on their next scheduled patch window.
Many scenarios suggested by security experts have included the use virtualisation technology.
VMware have responded, and as of 12th January, released fixes for all their major products, including ESXi, Workstation and Fusion.
Further information can be found in their Security Advisory VMSA-2018-0002.2: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
VMware have reported that their products are not affected if the Guest Operating Systems are patched.
Other vendors of hardware and software are slowly playing catch up and releasing tidbits of information, advise and eventually patches. Although this is a huge security risk, you’re still more likely to be a victim of a phishing attack (personal data stolen), as these exploits are difficult to pull off and have to be very targeted.
Tekkers IT recommend that if you’re not sure - ask us.
[Update 10th Jan 14:00]
A Microsoft Security Patch (KB4056892) that was released to resolve Spectre has been found to be breaking PCs running AMD Athlon Processors. This is a small number of machines and we believe the patch is being pulled from Microsoft's updates. Please avoid installing this update for the time being.
AMD have stated that they are "... aware of an issue with some older generation processors following installation of a Microsoft security update that was published over the weekend. AMD and Microsoft have been working on an update to resolve the issue and expect it to begin rolling out again for those impacted shortly."
[Update 15th Jan 11:30]
The post has been update to reflect the announcement by VMware.