The Processor Bugs of 2018 (aka Meltdown and Spectre) – What you need to know
You may have heard about a pair of security flaws (aka Meltdown and Spectre) that have been found in almost all recent processors. They will require updates to Windows, Mac, Linux, iOS (iPhones, iPads, etc.), Android, FreeBSD … basically everything.
We’ve compiled a short list of questions that will hopefully help our customers understand what’s going on and how we’re approaching things. If you have more questions, or just want to talk, please either raise a support ticket or give us a ring.
So what does this all mean, exactly?
You can get full information from meltdownattack.com (it’s really well designed and well written, and we encourage you to take a look). The simple version is that both flaws allow programs and virtual machines to access areas of memory that they shouldn’t, which means data can potentially be stolen. One attack (Meltdown) affects just Intel processors. The second attack (Spectre) affects at least Intel, AMD, and ARM processors.
Is this just theoretically possible? How likely is it really?
People have already demonstrated stealing things like passwords and reading memory from virtual server hosts using specifically designed exploits, so it is serious and not just theoretical. Companies like Microsoft and Amazon, who run hosting services, have already scheduled and are performing rolling updates of their server fleets.
I’ve heard there are performance issues after applying the patches. Is this true?
However, some earlier tests by other outlets have found between 5-30% performance loss.
Currently our stance is that it really depends on workload (the kind of work you perform), but we expect it to be minimal for most of our customers.
Should we hold back on the patches if it’s going to slow down systems? Can I not just rely on my Anti-Virus software?
Unless you have a completely isolated system (no connection to the outside world at all) that only runs 100% trusted code (and almost no one does), then you should patch.
It’s tempting if you’re worried about performance, but whilst it’s possible that Anti-Virus can detect programs using these flaws, it is unlikely in practice. Unlike usual malware, Meltdown and Spectre are hard to distinguish from regular programs. However, once malware which uses the attacks becomes known, your anti-virus may detect it by comparing programs against it.
TL;DR – You should be patching this.
How are Glo dealing with this?
We’re in the process of rolling out the relevant patches (from Microsoft, Intel, etc.) to our customers. We are working with our Anti-Virus partners to ensure that the appropriate fixes are rolling out. We are evaluating each platform and system independently. If you have not already had a support ticket logged, you will get one shortly.
If you have more questions, or just want to talk, please either raise a support ticket or give us a ring.