Blog: Alert

A report of two new vulnerabilities named Meltdown and Spectre was published last Wednesday, January 3, 2018. It is a big deal because they are hardware vulnerabilities affecting pretty much everything with a silicon chip. Yes, this means microprocessors on workstations and servers, mobile phones, tablets, cloud services, and other platforms.

Currently, mitigation and recommended processes are in flux. New information, articles, and white papers have emerged daily over the last week. As you research these concerns, be sure you are referencing reputable sources and the information is up-to-date.

For now, the tricky part is that some of the early updates aimed at mitigating the vulnerabilities have yielded incompatibilities which might leave systems inoperable. (The fix might break things.) Please be cautious. Verify and test updates before installation.

The Vulnerabilities

If exploited, both vulnerabilities, which are classified as speculative execution vulnerabilities, allow unauthorized access to protected areas of memory which could allow an attacker to collect sensitive information such as passwords and nonpublic customer information.

  • Meltdown - allows unauthorized access to memory, including protected kernel memory. Affects almost all Intel processors manufactured since 1995 and some ARM processors.
  • Spectre - allows unauthorized access to memory used by other computer processes. Affects almost all processors. It has been verified on Intel, AMD, and ARM processors.

Mitigation

As the IT industry moves to mitigate these vulnerabilities, incompatibilities which can render systems unusable have occurred. It is of utmost importance to verify and test updates before installation. Prudently pursue and ensure the following security processes are working effectively within your organization (these are already standard elements of strong security cultures):

  • Installation of security software updates - antivirus software, endpoint security software, etc.
  • Installation of operating system (OS) updates - Microsoft Windows, Linux, Mac OS, iPhone, Android, etc.
  • Installation of web browser updates - Microsoft Edge/Internet Explorer, Google Chrome, Mozilla Firefox, etc.
  • Installation of firmware updates for microprocessors - BIOS updates issued by computer system manufactures - Dell, Lenovo, HP, Apple, etc.
  • Prevention of malicious code execution - website blocking, website ad-blocking, phishing detection, security awareness training for users (how to spot malicious emails, not to click on links in emails), etc.

Exploits of these vulnerabilities are likely to change over time and the controls issued by hardware and software manufactures are likely to change as well. Therefore, it will be important to ensure updates are installed regularly.

 

Additional information provided by the researchers who discovered both vulnerabilities can be found at https://meltdownattack.com/.


 

 

 

CoNetrix Website | Contact Information

Cisco Hardware Issue with Clock Signal Component

 

On February 2, Cisco released information about an issue affecting many of their hardware systems. This issue may cause eventual hardware failure on specific models and hardware versions after 18 months or longer.

The most common affected systems include ASA 5506, 5508, 5516 firewalls, and 4321, 4331, and 4351 routers.

Details about the issue with a complete list of affected hardware is available at http://www.cisco.com/c/en/us/support/web/clock-signal.html. The "Field Notices" tab contains links to the specific hardware.

For CoNetrix Technology customers, we are currently reviewing all documentation to determine those customers with affected hardware. We will contact those customers when additional action is needed.

Other CoNetrix customers should review their installed Cisco hardware or contact their IT service provider as soon as possible.

CoNetrix Technology customers can contact Support at 806-687-8600 or support@conetrix.com with any questions or concerns.

 

 

 


 

On Thursday, October 23 2008, Microsoft released a critical out-of-cycle security update. This update addresses a vulnerability in the Windows server service that could allow remote code execution. Microsoft has rated this vulnerability Critical for all supported editions of Microsoft Windows 2000, Windows XP, and Windows Server 2003. This vulnerability has been rated Important for all supported editions of Windows Vista and Windows Server 2008.

The update addresses the vulnerability by correcting the way that the Server service handles RPC requests. Additional technical details on the vulnerability and update can be accessed at:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

As a best practice, RPC functionality should not be exposed directly to the Internet. However as a precaution, CoNetrix recommends applying the update available from Microsoft as soon as possible.

If you have any questions or need assistance with this update, please contact CoNetrix at support@conetrix.com or call (800) 356-6568.