New Vulnerabilities Disclosed – ‘Meltdown’ and ‘Spectre’
Posted by Security on
What are they and can they affect you?
These vulnerabilities also affect hypervisors, which is the technology used for Virtual Server hosting by large cloud computing providers and SpireTech’s Virtual Server hosting services.
What are the fixes?
Intel has been working with major vendors over the last year to provide a patch that addresses these vulnerabilities. For most users this means that Windows Update will apply a fix preventing the worst effects, and there will likely be several more refined patches related to this over the coming months.
Microsoft has implemented some restrictions on which machines will receive these updates, to prevent compatibility issues with antivirus software. SpireTech VIP Support customers enrolled in Sophos Endpoint, Symantec Endpoint, or Kaspersky Endpoint protection and monitoring are compatible and will receive their necessary updates. If you are not a SpireTech VIP Support customer, this list should indicate whether your antivirus is compatible with the update. If your antivirus is not compatible, we advise replacing it with one that is. For systems with a compatible antivirus, please make sure that the antivirus software is up to date so that it will set the appropriate registry flags to indicate the system is ready for the update.
One publicized potential side effect of the patches is a decrease in system performance. Intel reports that the average application can experience between 5% and 30% slowdown; in practice, however, some specific workloads are reporting a dramatically worse slowdown.
What are we doing about it?
Threats as dangerous as these require a careful approach to mitigation. SpireTech is reviewing all VIP support systems to ensure they receive the necessary patches, and implementing an accelerated patch approval and deployment schedule to push the required updates out to all client systems. We will be running reports to identify any systems missing the required patches and remediating them as soon as possible. All of our internal systems, including those we use to host customer Virtual Servers, either have already had or are scheduled to have their OS patched. Additionally, firmware updates will be applied as they become available from our vendors.
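An added example, not SpireTech's or Microsoft's code: a PowerShell check of the antivirus compatibility registry flag described under the fixes, combined with the kind of missing-patch report mentioned in this section. The registry key and value name are the ones Microsoft documented for the January 2018 updates and do not appear on this page; the function name, the `-RequiredKb` parameter and `KB0000000` are hypothetical placeholders.

```powershell
# Added example. Assumption: key and value name as documented by Microsoft for
# the January 2018 security updates (not given on this page).
$CompatKey   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$CompatValue = 'cadca5fe-87d3-4b96-b7fb-a231484277cc'

function Get-AvCompatFlagStatus {
    [CmdletBinding()]
    param(
        # Hypothetical parameter: KB IDs that apply to this OS build, supplied by the caller.
        [string[]]$RequiredKb = @()
    )

    # The flag only counts when it exists, is a REG_DWORD, and holds 0.
    $flag = 'Missing'
    $key  = Get-Item -LiteralPath $CompatKey -ErrorAction SilentlyContinue
    if ($key -and ($key.GetValueNames() -contains $CompatValue)) {
        $kind = $key.GetValueKind($CompatValue)
        $data = $key.GetValue($CompatValue)
        if ($kind -eq [Microsoft.Win32.RegistryValueKind]::DWord -and $data -eq 0) {
            $flag = 'Set'
        } else {
            # Wrong type or data: treat as not set and show what was found.
            $flag = "Unexpected ($kind = $data)"
        }
    }

    # Compare installed hotfixes against the KB IDs the caller expects.
    $installed = @(Get-HotFix -ErrorAction SilentlyContinue |
                   Select-Object -ExpandProperty HotFixID)
    $missingKb = @($RequiredKb | Where-Object { $installed -notcontains $_ })

    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        AvCompatFlag   = $flag
        MissingKb      = $missingKb -join ','
        ReadyForUpdate = ($flag -eq 'Set')
    }
}

# KB0000000 is a placeholder; substitute the update IDs for the OS being checked.
Get-AvCompatFlagStatus -RequiredKb 'KB0000000' | Format-List
```

A system that reports the flag as `Missing` with an up-to-date, compatible antivirus installed is the case to investigate, since it will not be offered the update.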
As this is a new class of threats, software vendors and hardware manufacturers are still working to provide long-term fixes to these vulnerabilities. This process is likely to go on for several months as new ways to exploit them are found.
Regarding servers hosted in the cloud, this is a good reason to “know your neighbor” and host with a provider like SpireTech, because the likelihood of an anonymous neighbor accessing your data is minimized. Unlike big cloud players, we know and support our clients, and we only host clients we trust.
If you have any questions about how this might impact you or your services, please feel free to contact us at 503-222-3086.