...
You should not panic, though. Continue to maintain good security practices, but specifically ensure your operating system, browser, and antivirus software are up to date. It may require a shift in priorities if you do not have strong, automated patching processes.
- Patch your operating systems, browsers, and other software
- Prioritize patching your browser(s)
- Windows updates may need a BIOS update too
- Patch and advisory tracking: https://www.us-cert.gov/ncas/alerts/TA18-004A
Understand your anti-virus product's impact. Anti-virus software may interfere with Windows updates: the Windows patch may not be offered until the anti-virus vendor's update is available.
- IMPORTANT NOTE: If you are not running a Microsoft-supported anti-virus, the Windows patch may need to be manually enabled (requires a registry key setting change).
- If you apply the registry setting with an unsupported anti-virus, you risk a BSOD
Understand your cloud infrastructure (IaaS) impact. Your provider may reboot your host(s) but you will still need to apply OS and software patches.
Important note: Patches may impact performance, especially on servers and systems that are already under high load. Reduced performance on Intel-based Microsoft Windows, MacOS, or Linux servers may be experienced as the operating systems are patched to close the security hole. One projection puts this at a performance reduction between 17% and 23%. So far, real-life testing on Linux suggests < 10%.
How to Detect Vulnerability
Tenable
- TBD but will require an authenticated or agent-based scan
Microsoft
- Microsoft PowerShell script: https://support.microsoft.com/en-hk/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
- May require the following setting before the script will run:
  Set-ExecutionPolicy Bypass
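As an added example, not from the original page and not Microsoft's own script: a PowerShell check that runs the SpeculationControl module's Get-SpeculationControlSettings and lists which Meltdown/Spectre mitigations are missing or disabled on the host. It assumes PowerShell 5 or later with PowerShellGet, an elevated prompt, and that the QualityCompat registry value is the anti-virus compatibility flag from Microsoft's guidance (the page mentions the flag but not its name).

```powershell
# Added example, not Microsoft's script: summarise Meltdown/Spectre mitigation
# state on a Windows host using the SpeculationControl module.
# Assumes PowerShell 5+, PowerShellGet, and an elevated prompt.
# Relax execution policy for this process only instead of machine-wide.
Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force
if (-not (Get-Module -ListAvailable -Name SpeculationControl)) {
    Install-Module -Name SpeculationControl -Scope CurrentUser -Force
}
Import-Module SpeculationControl
# Returns an object with BTI* (Spectre variant 2) and KVAShadow* (Meltdown) fields.
$s = Get-SpeculationControlSettings
$findings = @()
# Spectre variant 2 (branch target injection) needs both microcode and OS support.
if (-not $s.BTIHardwarePresent) {
    $findings += 'Spectre v2: no microcode support; a BIOS/firmware update is needed'
}
if (-not $s.BTIWindowsSupportPresent) {
    $findings += 'Spectre v2: Windows update with the mitigation is not installed'
} elseif (-not $s.BTIWindowsSupportEnabled) {
    $findings += 'Spectre v2: mitigation installed but disabled (policy or no hardware support)'
}
# Meltdown (kernel VA shadowing) is only required on affected Intel CPUs.
if ($s.KVAShadowRequired) {
    if (-not $s.KVAShadowWindowsSupportPresent) {
        $findings += 'Meltdown: Windows update with KVA shadowing is not installed'
    } elseif (-not $s.KVAShadowWindowsSupportEnabled) {
        $findings += 'Meltdown: KVA shadowing installed but disabled'
    } elseif (-not $s.KVAShadowPcidEnabled) {
        $findings += 'Meltdown: mitigated without PCID; expect a larger performance cost'
    }
}
# Anti-virus compatibility flag (assumption: value name per Microsoft's AV guidance);
# without it Windows Update withholds the January 2018 security update.
$compatKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$compatVal = 'cadca5fe-e7bf-4bf9-b9bf-39d8db9a8ce3'
$flag = Get-ItemProperty -Path $compatKey -Name $compatVal -ErrorAction SilentlyContinue
if ($null -eq $flag) {
    $findings += 'AV compatibility value absent: the Windows patch will not be offered'
}
if ($findings.Count -eq 0) {
    Write-Output 'All applicable Meltdown/Spectre mitigations are present and enabled.'
} else {
    $findings | ForEach-Object { Write-Output "MISSING: $_" }
}
```

Because the script only reads mitigation state and the registry value, it can be run on a fleet (for example via remoting) to find hosts that are still unpatched or that lack the microcode update.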
Summary Articles and Useful Links
- Summary of issues: https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-every-modern-processor-has-unfixable-security-flaws/
- Intel's response: https://newsroom.intel.com/news/intel-responds-to-security-research-findings/
- Impact of patches and updates: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
- It can leverage web browsers: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
- A security researcher has a Google Docs spreadsheet of the status of AV products here: https://docs.google.com/spreadsheets/d/184wcDt9I9TUNFFbsAVLpzAtckQxYiuirADzf3cL42FQ/edit#gid=0
- List of Meltdown and Spectre Vulnerability Advisories, Patches, & Updates: https://www.bleepingcomputer.com/news/security/list-of-meltdown-and-spectre-vulnerability-advisories-patches-and-updates/
Technical Details
More information, including two papers on the CPU issues, has been released. These papers are technical descriptions of the bugs. Meltdown affects Intel processors only; Spectre affects Intel, AMD, and ARM processors.
The papers on the two bugs, called "Meltdown" and "Spectre", are available from
Readable discussion on the technical points
https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
The webcast recording is now available from SANS. Click the Register button and log into your account. You will then see the "View Webcast" button and the "Download Presentation Slides" link on this page.
https://www.sans.org/webcasts/meltdown-spectre-understanding-mitigating-threats-106815
SANS presentation youtube video
https://www.youtube.com/watch?v=8FFSQwrLsfE
Windows Server Guidance to protect against the speculative execution side-channel vulnerabilities
Windows Client Guidance for IT Pros to protect against speculative execution side-channel vulnerabilities
A Simple Explanation of the Differences Between Meltdown and Spectre
https://danielmiessler.com/blog/simple-explanation-difference-meltdown-spectre/
Reportedly MacOS 10.13.2 has partial fixes in it and was released December 6, 2017. More changes are expected in 10.13.3.
What Google Cloud, G Suite and Chrome customers need to know about the industry-wide CPU vulnerability