White Raven IT
White Raven IT
  • Contact Us
    • About Us
  • Infrastructure and design
    • Implementation
    • Selection and evaluation
  • Methodology and Process Consultation
  • Security
White Raven IT
White Raven IT
  • Contact Us
    • About Us
  • Infrastructure and design
    • Implementation
    • Selection and evaluation
  • Methodology and Process Consultation
  • Security

Worried about Spectre and Meltdown? Heres where to find guidance on fixing them

  • Home
  • Security
  • Worried about Spectre and Meltdown? Heres where to find guidance on fixing them

Spectre and Meltdown are major vulnerabilities, ones that could have very far-reaching implications. As Intel and the other chip manufacturers are figuring out exactly what to do about the loss of performance on their chips, the major providers of operating systems have all released guidance on how to best approach the problem.

For now, the answer seems to be simply replacing the chips, which is a costly endeavor at best, and one that is going to take some time. Immediately, there is a need to address the problem until this can take place.

If you are working in a cloud environment that is hosted with another company, White Raven strongly suggests that you contact them to be certain they are taking appropriate steps as well.

As always, test your patches before releasing them into production. Also, check your IPS/IDS devices for updates, as many manufacturers are releasing patches to limit impact as well.

Details from Google

Project Zero has released the details of their testing here.

CERT and National Cyber Security Centre

Cert has given us a listing of vendor updates here.

The National Cyber Security Center has begun a similar list here.

Vendor responses: 

CLOUD COMPUTING PROVIDERS

  • Amazon
  • Microsoft Azure
  • Google

Microsoft 

Microsoft has already released a patch this month, as part of their monthly cycle. Furthermore, they have released this article to explain how to properly protect their server operating systems.

Linux Operating Systems

  • Ubuntu
  • Red Hat
  • Debian :
    • Spectre
    • Meltdown

VMWare

  • Guidance
  • Security advisory with patches

Citrix

  • Citrix
  • Xen
Security
AWS, Citrix, Debian, Google, Linux, Meltdown, Microsoft, Red Hat, Spectre, Ubuntu, VMWare, vulnerability
Chrome may well be the most secure browser, but…
Microsoft to release new app for transparency’s sake

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Unix servers running Exim are vulnerable to code execution – estimates say 400,000 servers must be patched
  • Can your company survive in a world where 1Tbps DDoS attacks are becoming more common?
  • Do you think hardware segmentation is the answer? Think again.
  • Attackers evolve their strategies, but companies are failing to do so
  • Benchmarking Cloud Providers

Recent Comments

    Categories

    • Automation
    • Cloud
    • Infrastructure
    • Security
    • Uncategorized

    ©2018 White Raven, LLC