Here’s what you need to know about “Meltdown” & “Spectre” Vulnerabilities, affecting nearly all Operating Systems
Recently, several vulnerabilities were released that affects nearly every computer, server, and nearly every type of operating system. These vulnerabilities are being labeled as “Meltdown” and “Spectre”. This impacts all operating systems in the world (including your own computer that you’re using right now), and is one of the wide-spread vulnerabilities we’ve yet to see. Since becoming aware of these vulnerabilities, QuadraNet has been working proactively with a plan of action, and to assist our proactive managed customers with ensuring their systems are up to date and patched from these vulnerabilities.
Meltdown & Spectre Vulnerabilities
A significant vulnerability has been discovered in all Intel processor chips and it’s going to have a huge impact going forward. All operating systems will have to be updated (Linux distributions, Windows, macOS).
This vulnerability is quite nasty because it’s a widespread hardware bug. The bug allows normal user programs to access the protected memory in the kernel. A kernel is the core of an operating system. It’s a process that handles the most sensitive tasks in your system.
For instance, the kernel controls the interaction between an application and the file system. It’s basically the gatekeeper that is going to allow a program to read and write files. It also manages memory and peripherals, such as your keyboard.
In other words, the kernel can do everything on your computer by design. But you don’t want the kernel to be compromised — it is one of the most serious attack vectors in modern operating systems. Because of a design flaw, user programs with low privileges can read protected kernel memory. If an attacker or an intelligence agency can find a way to install a normal program on your computer, they could then be able to read passwords stored in the kernel memory, private encryption keys, files cached from the hard drive and more.
At this time, there’s no evidence that any of these vulnerabilities have been exploited or exposed to the wild yet.
Source: “A major kernel vulnerability is going to slow down all Intel processors,” by Romain Dillet at TechCrunch
Here at QuadraNet, our customer’s security is our top priority, and we have been working to update our managed servers to patch against these vulnerabilities in the least impactful way.
Both “Meltdown” and “Spectre” require software based patching to secure servers from the vulnerability. Due to the nature of applying fixes to mitigate these vulnerabilities, we will need to reboot servers in order for the fix to be applied. This will result to a downtime window of 10-15 minutes during the server reboot.
We will be contacting our customers with proactive server management individually with a plan of action. For customers without a management subscription, we highly recommend that you update your kernel. However, please do not hesitate to contact us at anytime if you need any guidance or if you have any questions. QuadraNet’s support team is available 24x7x365 at firstname.lastname@example.org.