Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It’s really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer on networks, including workstation and servers.
This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system. This hardware bug breaks that isolation.
So, if the bad guys are able to get malicious software running on your computer, they may be able to get access to your passwords stored in a password manager or browser, your emails, instant messages, and documents.
The more severe vulnerability, Meltdown (CVE-2017-5754), appears isolated to Intel processors developed in the last 10 years. Spectre (CVE-2017-5715 and CVE-2017-5753) on the other hand, theoretically affects all processors that use speculative execution, including most modern processors manufactured by Intel, AMD, ARM and potentially more.
- Summary of issues and links to vendors: https://meltdownattack.com
From a quick read of the many articles, mitigation will require OS patches and firmware updates from Intel, AMD, Arm, etc. For Microsoft, the patch is dependent on having an approved AV application running that sets a compatibility registry key that Microsoft updates will reference. Windows Defender and Microsoft Security Essentials are of course approved and can be used if nothing else is available.
Below are links to information for Microsoft, VMware, Apple, and AWS.
- Main Article: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002
- Clients: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
- Servers: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution
- Important: Windows security updates released January 3, 2018, and antivirus software – https://support.microsoft.com/en-us/help/4072699
Windows Clients Impacted and Will be Patched
- Windows 10 (RTM, 1511, 1607, 1703, 1709)
- Windows 8.1
- Windows 7 SP1
Windows Servers Impacted and Will be Patched
- Windows Server 2008 R2 Service Pack 1
- Windows Server 2012 R2
- Windows Server 2016
VMWare (5.5, 6.5)