Security Alert: Processors Meltdown!

Hello,

Recently multiple disclosed security vulnerabilities took the Internet by storm. Dubbed “Meldown” and “Spectre”, those vulnerabilities seem to affect numerous systems and processors including Intel, AMD, ARM; thus it has the potential to affect PCs, servers, networking equipment, mobile devices and even cloud.
An attacker can exploit those vulnerabilities by running a special code locally on the system which could result in accessing privileged data of another process through unprivileged access level.

Meltdown: Rogue data cache load (CVE-2017-5754)
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

Spectre Variant 1: Bounds checking bypass (CVE-2017-5753)
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Spectre Variant 2: Branch target injection (CVE-2017-5715)
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. Link

Meltdown and Spectre in 3 Minutes

Meltdown in Action: Dumping memory

Below is a list of numerous vendors and links to their articles describing the impact and patching process.

Cisco	ASR9K, UCS B-Series, UCS C-Series… affected, check KB
F5	LTM, ASM, GTM… affected, check KB
Palo Alto	check KB
Juniper	check KB
Riverbed	check KB
Fortinet	check KB
Bluecoat	check KB
Symantec	check KB
ESET	check KB
VMware	ESXi, Workstation… affected, check KB
Intel	i3, i5, i7, Xeon, Atom… affected, check KB
Windows	Client 7, 8.1, 10… affected, check KB
Windows	Server 2008, 2012, 2016… affected, check KB
Windows	SQL 2008, 2012, 2016, 2017… affected, check KB
Synology	DSM 5.2, 6.0, 6.1… affected, check KB
Red Hat	Enterprise Linux 5, 6, 7, OpenStack… affected, check KB
Ubuntu	check KB
SUSE	check KB
Firefox	Fixed in 57.0.4
Chrome	Fixed in v64 (to be released January 23)

Cisco IPS signatures that targets those vulnerabilities are:

Signature ID	Signature Name	Release	Latest Release Date
8152/0	Intel CPU Side Channel Analysis Information Disclosure	S1005	01/05/2018
8152/1	Intel CPU Side Channel Analysis Information Disclosure	S1005	01/05/2018
8152/2	Intel CPU Side Channel Analysis Information Disclosure	S1005	01/05/2018
8152/3	Intel CPU Side Channel Analysis Information Disclosure	S1005	01/05/2018
8152/4	Intel CPU Side Channel Analysis Information Disclosure	S1005	01/05/2018

—
Elie Bassil
linkedin.com/in/eliebassil

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Related Posts

What is Wi-Fi 6 and why might I need it?

Transformation Covid 101 -Lessons learned on managing teams and running daily operations!

Data Consult Transforms Service Delivery and Customer Experience with Oracle