Polarverse would like to let you know that memory isolation issues affecting Intel, AMD, and ARM processors has been discovered. Here’s what you need to know and what you need to do.
The flaw enables attack code to read anything in memory, which could lead to data or identityl theft. The vulnerability is known by names such as Meltdown, Spectre, KPTI, KAISER and F**CKWIT. Patches have been released by Microsoft, Linux, and other platforms on Jan 3, 2018. Because exploitation requires the execution of some form of attack code, unpatched software programs are particularly at a high risk of facilitating the attack.
What Does That Mean?
If this vulnerability is successfully exploited, it will allow an attacker to access sensitive information inside the protected parts of your memory. Information, including passwords, emails and private documents may become exposed. Because this is a hardware level vulnerability, most all operating systems are affected. That means even Apple users are at risk!
What Does All This Mean For Me?
You are likely affected by this!
All chips made by Intel, AMD and ARM are affected.
Windows, Linux (Android included) and macOS are affected.
Cloud service vendors such as AWS and AliCloud are affected.
Yikes! What can I do?
Patching this vulnerability is more difficult than usual as it exists on the hardware level, affects multiple platforms, and includes varies versions of mobile and IoT devices. The current patch on Linux and Windows will incur a 5-30% performance hit on Intel products. This means if you are currently running a slow computer, it will get slower after the patch.
You'll need to stay updated on the newly released patches of your products and apply them when available, or confirm with your service provider that they have updated your systems to the latest patch. Big vendors are already giving feedback about their patching status. See examples below:
VMware: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
AMD: https://www.amd.com/en/corporate/speculative-execution
Red Hat: https://access.redhat.com/security/vulnerabilities/speculativeexecution
Xen: https://xenbits.xen.org/xsa/advisory-254.html
ARM: https://developer.arm.com/support/security-update
Amazon: https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/
Mozilla: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
Does My Firewall Help?
While this vulnerability affects mainly servers and workstations, attacks and malware that seek to exploit this vulnerability can still be detected and intercepted via network traffic. So, make sure you update the firmware on your firewall as well.
What If I’m a Client of Polarverse?
Clients of Polarverse are covered. We will be rolling out firewall patches as they become available and will continue to make sure all 3rd party applications are fully patched. We will be conducting these patches ahead of our routine schedule due to the extreme nature of this vulnerability. We will also postpone any hardware related recommendations and projects until we find out how Intel intends to move on from here.
Contact us if you have any questions or concerns. We can help you understand the problem better and help put your mind (and machine) at ease.
- Log in to post comments