On January 3rd, 2018, two serious security vulnerabilities were publicly acknowledged that could let attackers steal sensitive data including passwords and banking information. These vulnerabilities have been found in processors designed by Intel, AMD and ARM. The flaws, named Meltdown and Spectre, can possibly affect virtually every modern computer, including smartphones, tablets and PCs from all vendors and running almost any operating system. For detailed information about these vulnerabilities and impacted systems, please visit https://www.kb.cert.org/vuls/id/584653.
In order to address these vulnerabilities, Integration Partners recommends all organizations to determine their level of exposure and implement the appropriate patches. Patches for Linux and Windows are already available (see below). Also, it is recommended to ensure all supporting security technologies, Anti-Virus, Intrusion Prevention, etc are up to date as a compensating control to nefarious activities related to these vulnerabilities.
- Microsoft has published patches information for their while other versions of Windows are expected to be patched on the traditional Patch Tuesday on January 9, 2018. Microsoft has also issued a guidance document for mitigations on client devices. Please note that the patches released by Microsoft may be incompatible with certain antivirus software.
- MacOS 10.13.2 mitigates some of the disclosed vulnerabilities, but MacOS 10.13.3 will enhance or complete these mitigations.
- Processor vendor links
Other software vendor patches:
Cloud services are also affected by the security problems. Google said it updated its G Suite and cloud services, but that some additional customer action may be needed for its Compute Engine and some other Cloud Platform systems.
Amazon said all but a “small single-digit percentage” of its Amazon Web Services EC2 systems were already protected, but that “customers must also patch their instance operating systems” to be fully protected.
Lastly, as of January 4th, 2018, according to US-Computer Emergency Readiness Team (CERT):
“US-CERT is not aware of any active exploitation at this time and will provide additional information as it becomes available.”
Further updates will be provided once available and can be found at www.integrationpartners.com or by contacting us at 781.357.8599.