Salar Golestanian posted on January 05, 2018 11:48
Yesterday, Intel was busy trying to mitigate the damage to their share price collapse by saying the architecture “flaw” is not unique to Intel products and ARM, AMD also suffers from the same issue.
Today, FT reported that government-sponsored cybersecurity team had stepped back from its severe warning about the impact of the flaw.
Long-term, ARM, AMD and Intel will gain from the story as we will probably have to replace our hardware and that would mean more sale for the big Chip giants and AMD is already gaining as a result!
AFAIK the bottom line is that no matter which operating system is running the device, iOS, Mac OS, Windows, Linux or Android the problem will persist. We have a CPU that is designed with a back-door at the hardware level to help Administrators and security personnel to get in and fix things. This door may be should not have been in the architecture for as long as it has. IMHO, no matter how often one changes the lock to a hardware back-door, in time, a smart hacker will be able to break it.
Yesterday, I had an email from a client that asked is my site safe as it is on Azure (Cloud)? And I did not know the answer until I did some research and it is clear that same server technology is powering the cloud infrastructure. Therefore, Amazon, Google and Microsoft are all busy trying to patch or at least put in place solutions that learn about the breaches when they happen.
Yesterday, according to CNBC;
"a Microsoft spokesperson told CNBC in an email. "We are in the process of deploying mitigations to cloud services and have also released security updates to protect Windows customers against vulnerabilities affecting supported hardware chips from Intel, Arm, and AMD."
The term used for the issue is "Meltdown" and "Spectre" being the two methods of exploiting a security vulnerability. Meltdown is easier to fix Albeit, will have a negative performance impact. However, Spectre is much harder to fix as theoretically will require hardware fixes. However, the good news is that Spectre is harder to execute compared to ‘Meltdown’, According to the researchers, this “allows an attacker to trick error-free programs” and leak their secrets. “Safety checks of said best practices actually increase the attack surface and may make applications more susceptible to Spectre”.
For now, since Salaro's web hosting and application infrastructure is mostly on Windows Server platform, we are applying the following patches to all the servers running 2016 and 2008R2.
Windows Server 2016 - 4056890
Windows Server 2008 R2 - 4056897
Please do not hesitate to contact me if I can be of any help here on Linkedin or via email. I will keep you all posted with any negative implication of the patches we apply.
Salar Golestanian
Skype id: "salaro"
Salaro.com