Recently two CPU-based vulnerabilities, Meltdown and Spectre were identified, and Intel, Microsoft and others scrambled to create fixes and workarounds.
This repair work is ongoing. Unfortunately, a recent firmware fix from Intel created system problems, such as frequent reboots and instability. Microsoft just rushed out a patch to iron out the issues. Like all patches, the fix is no good unless it is properly installed, and placed on all relevant end points.
Intel learned of its firmware fix problems last month, and advised customers to stop installing the patch. Microsoft then released its out-of-band fix that simply disables the Intel patch.
“Intel has reported issues with recently released microcode meant to address Spectre variant 2 (CVE 2017-5715 Branch Target Injection) — specifically Intel noted that this microcode can cause ‘higher than expected reboots and other unpredictable system behavior’ and then noted that situations like this may result in ‘data loss or corruption.’ Our own experience is that system instability can in some circumstances cause data loss or corruption,” Microsoft wrote in a support advisory. “While Intel tests, updates and deploys new microcode, we are making available an out-of-band update today, KB4078130, that specifically disables only the mitigation against CVE-2017-5715. In our testing this update has been found to prevent the behavior described.”
The good news is that Microsoft reported “as of January 25, there are no known reports to indicate that this Spectre variant 2 has been used to attack customers,”
The CPU Exploit Background
Spectre is the less worrisome of the two vulnerabilities, and is less developed as an actual exploit. The good news for both exploits is they can only effectively snoop on or steal snippets of data and would take a great deal of effort to fully compromise a system.
Kaseya Automation Exchange to the Rescue
At Kaseya, we take security seriously; especially as our MSP customers often support hundreds of clients or more. Our experts stay close to the action, such as Meltdown and Spectre, through our security response team. We also stay close to customers who share fixes through the Kaseya Automation Exchange, which was built to help users of VSA by Kaseya benefit from all the other Kaseya VSA customers who have built security fixes and custom automation.
Kaseya also shares solutions built by in-house experts.
Learn more about these vulnerabilities with the Kaseya KnowledgeBase article Meltdown and Sprectre FAQs.
Patching is Key
The sure fire way to be protected is to keep your machines up to date. As such, leveraging Kaseya Patch Management and Kaseya Software Management will keep your systems up to date and safe from these CPU exploits. The integration with patch and Kaseya VSA means that you have already automatically discovered your end points, have details on their status, and can fully automate the patching process.
Learn more about patching here.