Meltdown & Spectre: How to avoid the biggest cyber threat in modern computing

For Immediate Release

In This Message:

1. What is this threat and why does it affect you?
2. What you need to do.**
3. A special offer for new patch management clients.
4. A dynamic weekly updated list of Meltdown and Spectre solutions and articles for the IT professional or service provider** Check back each week for the latest additions.

What are these threats?
At Alvaka Networks, we have dedicated a lot of time in the past 24 hours to understanding the biggest dilemma in years for cyber security, the two threats known as Meltdown and Spectre. The implications are huge and widespread…and universal.

Meltdown is the name given to the Intel chip-based vulnerability that affects laptops, desktops, and servers running at your company and in the cloud. This threat does not discriminate on operating systems; it affects them all. Spectre is the other security issue you should know about. It affects all Intel, ARM, and AMD powered computers, smartphones and tablets. Read more about the Intel chip security flaw.

This is scary – “Google says the two bugs can be exploited to “to steal data which is currently processed on the computer,” which includes “your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.” This problem is monumental, as it affects nearly every Intel processor released since 1995. Furthermore, Google says that tests on virtual machines used in cloud computing environments extracted data from other customers using the same server.

What do you need to do right away?
You need to patch all your systems. It is going to be a massive effort to patch all servers, PCs, laptops, tablets, phones and other devices. Some systems will need patches to the operating system and applications as well. Some might even need firmware updates. The implications are staggering, given its effects on all processors going back to the mid-1990s.

• Microsoft has released a patch for their OS’s, but they are preventing it from distributing all PCs and servers. This is due to problems with the way some antivirus companies access the CPU (central processing unit) kernel. Installing the patch on those machines will cause BSODs (blue screen of death). This will render the computers unable to boot. In some cases, a change to the registry key is required for the AV software to not crash the computer. Once the registry key is available, it will then be possible to do the Windows patch update.
• Determine if firmware updates are needed. This will require an assessment of EACH machine model type with the machine manufacture.
• Determine if your antivirus software is compatible with the new patches. Click here to see the status of many antivirus products and whether they are ready or not. Please note that this is an ad hoc public, site set-up in response to this sudden problem. Alvaka does not guarantee the contents of the site, but it nonetheless appears to be helpful.
• VMware will need to be patched as well. Click here for more info on VMware security.
• Your Apple, Linux and Unix operating systems must also be updated.
• Here is a good link for more information on Meltdown and Spectre. Note the universal antidote is to do your software patching security updates.

For most companies, fixing everything instantly is probably not possible, or practical. But a swift response is required.

The Quick Fix Plan:

1. If you already have Alvaka Networks Patchworx service, you are in good hands. We will handle most of this for you.
2. However, you will still need an assessment of your IT infrastructure to evaluate all systems that might be affected, that are not included in your Patchworx subscription.
3. If you have systems that fall outside of what Alvaka Networks patches for you, then a separate plan needs to be created to address securing those systems. For example, firmware updates are not included in the Patchworx service, but it is possible that some of your systems will need new firmware. Whatever your situation, Alvaka Networks will work with you to come up with a plan.
4. Determine if your antivirus software is compatible with the patch updates and update as required.
5. It is advisable to do testing in your particular environment. This will help to discover if there are conflicts, incompatibilities, or other poor results. It is possible some applications may not run, some hardware may break or systems suddenly run very slowly.
6. When the plan is finalized, then patch vigorously as patches become available.
7. Even with the creation of a Quick Fix Plan, this is going to be quite a task for many.

Get your First Month of Patchworx Free! Offer good until 1/26/2018* 

 A Special Offer is available for those needing to get on Alvaka’s Patchworx patch management service. We have put together a Meltdown and Spectre Emergency Patching offer to get you remediated quickly. Sign-up now! We are going to be very busy. Service will be delivered to those in the order they sign-up.Write to Meltdown@alvaka.net if you request assistance.

A dynamic weekly updated list of Meltdown and Spectre solutions and articles for the IT professional or service provider.
January 9, 2018

• A great link to more than 36+ Vendor Information solution sources provided by US-Cert – Alert (TA18-004A), Meltdown and Spectre Side-Channel Vulnerability Guidance.
• Antivirus product updates – Click here to see the regularly updated status of many antivirus products and whether they are ready or not.
• Google Unveils New Retpoline Coding Technique for Mitigating Spectre Attacks – “Google has published details about a new coding technique created by the company’s engineers that any developer can deploy and prevent Spectre attacks. The company claims this new technique, called Retpoline, has a “negligible impact on performance” compared to other patches rolled out in the past few days that in some cases caused big CPU performance dips.”
• 9 Steps Intel Recommends To Sidestep Spectre And Meltdown “This white paper may be the first round of information targeting the extremely technical [aspects] so hopefully [Intel] will release more high level information.” Here is the white paper – Intel Analysis of Speculative Execution Side Channels.
• It gets worse: Microsoft’s Spectre-fixer bricks some AMD PCs – TheRegister, 8 Jan 2018: A lengthy thread on answers.microsoft.com records numerous instances in which Security Update for Windows KB4056892, Redmond’s Meltdown/Spectre patch, leaves some AMD-powered PCs with the Windows startup logo and not much more.