The Latest: Spectre And Meltdown


Spectre, Meltdown

The recent news that design flaws have left a gigantic portion of the world's computer processors vulnerable to two major exploits - Spectre and Meltdown - is unsurprisingly creating a lot of angst throughout the tech world.

As vendors are finding themselves scrambling to release security patches, solution providers are grappling with the potential performance impacts these updates could have on their customer's computing environments.

Get all of CRN's coverage of the Spectre and Meltdown chip flaws, including the latest from Intel, here.

Spectre, Meltdown Update: VMware Retracts Faulty Intel Firmware Patches For Chip Vulnerabilities
January 17, 2018

Another day, another headache for solution providers dealing with the aftermath of Meltdown and Spectre. The first fix isn't always the final fix, said one VMware channel partner.

 

 

AMD Backtracks On 'Near Zero Risk' Processor Claims, Now Must Issue Updates To Combat Spectre
January 11, 2018

AMD, contrary to its earlier comments, now concedes that its processors could be susceptible to both variants of the Spectre exploit.

 

 

Red Hat Researchers: Spectre Chip Vulnerability Likely Worse For VMs Than Containers
January 10, 2018

"Now people are seriously paying attention to something they should have been paying attention to a long time ago—the implementation of security on processors," a Red Hat engineer told CRN.

 

 

7 Things To Know About Spectre And Meltdown Patch-Related Performance Hits
January 10, 2018

While some solution providers have reported minimal or no performance effects related to recently deployed software and OS patches, some customers and technology professionals have experienced noticeable CPU usage increase and blue-screening.

 

 

Spectre, Meltdown Update: Microsoft Customers Reporting 'Unbootable' AMD PCs After Installing Windows Security Patch
January 9, 2018

Microsoft said some AMD chips do not align with documentation previously provided by AMD. The exact spectrum of affected AMD processors has not been disclosed, but a spokesperson said the errors affect a subset of its "older" processors.

 

 

Partners: Intel's New Internal Security Group Needs To Put Safeguards On The Same Level As Speed
January 9, 2018

"When you have a group that's ordained with some amount of power, that's probably more influential than just some engineers that look at security also," said Daniel Daninger, vice president of engineering at Nor-Tech.

 

9 Steps Intel Recommends To Sidestep Spectre And Meltdown
January 8, 2018

Intel has sent a white paper to its partners outlining the top mitigation steps, resources and technologies that they can use to avoid the Spectre and Meltdown exploits.

 

 

Intel CEO: Amid Spectre, Meltdown Exploit Crisis, 'Security Is The Number One Job For Intel'
January 8, 2018

During the opening CES 2018 keynote, Intel CEO Brian Krzanich addressed recent security issues in the wake of the Spectre and Meltdown exploits.

 

 

Spectre, Meltdown Update: NetApp, IBM, HPE, Lenovo, Dell EMC Weigh In On Storage System Vulnerability
January 8, 2018

Five top storage vendors have mixed responses on how the Spectre and Meltdown issue might affect storage hardware and software.

 

 

Red Hat Warned Partners Of Computing, Cloud Performance Loss Stemming From Protecting Against Chip Vulnerabilities
January 8, 2018

The leading distributor of open-source server and cloud operating systems said all its major infrastructure products are affected by Meltdown and Spectre.

 

 

Here's How Five Top Networking Vendors Are Responding To Spectre, Meltdown Exploits
January 8, 2018

Cisco, Huawei, HPE Aruba, Arista Networks and Juniper Networks have all responded to the Spectre and Meltdown exploits by issuing security advisories that demonstrate a range of possible impacts and preventative actions.

 

 

Intel To Partners: Multiple Mitigation Methods, Tools Can Alleviate Spectre, Meltdown Exploits
January 8, 2018

Intel is educating partners on the mitigation steps and security tools necessary to lessen the impact of the Spectre and Meltdown exploits with a new whitepaper.

 

 

NetApp Says Its Storage Systems Not Impacted By Spectre, Meltdown Thanks To Its OnTap OS
January 8, 2018

NetApp says that because its OnTap storage operating system does not allow the running of third-party applications or malicious software, attackers cannot use its hardware or software to access privileged information.

 

In Wake Of Meltdown And Spectre Bug Debacle, Intel Hit With Multiple Class-Action Lawsuits
January 5, 2018

Intel is facing three class-action lawsuits as the company continues to grapple with fallout after revelations that its chips were vulnerable to two massive security bugs.

 

 

Here's How 17 Security Vendors Are Handling The Meltdown And Spectre Vulnerabilities
January 5, 2018

The Microsoft patch for the Meltdown and Spectre microprocessor exploits wasn't compatible with several anti-virus products. This is how endpoint security vendors are confronting the issue and helping their customers get patched.

 

Cisco Investigating Dozens Of Routers, Switches, Servers That May Be Affected By Spectre, Meltdown Exploits
January 5, 2018

In a security advisory issued Thursday night, Cisco says it is putting dozens of routers, switches and servers under the microscope to find out whether any of them may be affected by the Spectre or Meltdown exploits.

 

Processor Security Flaw: MSPs Emphasize Careful Patch Testing, Disciplined Approach In Addressing Spectre And Meltdown Threats
January 5, 2018

No known instances of malware exploiting have yet affected processors in PCs or servers in the field, according to Intel, but MSPs are still pushing to deploy their patches sooner rather than later.

 

 

7 Things You Need To Know About Spectre And Meltdown Security Exploits
January 4, 2018

Security researchers have discovered exploits that are being referred to as Spectre and Meltdown that chip giant Intel says impacts its own processors as well as those from AMD and ARM. Here are seven things you need to know about Spectre and Meltdown.

 

 

Processor Security Issue: Intel Says Processors Working As Designed
January 4, 2018

It's not the processors at fault, but the way attackers could potentially look at privileged information in memory that could cause issues, Intel said.

 

 

Apple Says Mac, iOS Devices Could See Spectre, Meltdown Issues, Is Mitigating Those Issues Now
January 4, 2018

The side-channel analysis security issues, under which processors from Intel, AMD, and ARM could allow reading of privileged information by rogue applications, could impact Mac and iOS devices, but Apple has already mitigated some of those issues.

 

AMD Claims 'Near-Zero Risk' To Its Processors From Meltdown, Spectre Exploits
January 4, 2018

AMD says it has no plans to issue software or OS updates to address the Meltdown and Spectre security flaws because it doesn't need to.

 

 

Cloud Giants AWS, Google And Microsoft React To Meltdown; Solution Providers Remind Customers To Update, Patch Systems
January 4, 2018

AWS, Google, and Microsoft revealed updates and patching plans for their popular cloud services in the wake of the Meltdown and Spectre chip-level vulnerabilities revealed this week. Solution providers say regular security patching can better protect customers from wide-reaching security threats.

 

Intel Unleashes 'Comprehensive' Threat Mitigation Response To Spectre And Meltdown Security Vulnerabilities
January 4, 2018

Intel says it is 'rapidly issuing' updates for all types of Intel-based computer systems -- including personal computers and servers -- that render those systems 'immune' from the Spectre and Meltdown security exploits.

 

Solution Providers: Ignore The Meltdown And Spectre Microprocessor Exploits 'At Your Own Peril'
January 4, 2018

'This is a flaw at the architectural level,' says Michael Knight of Encore Technology Group. 'It doesn't matter what version of software you're running, or your operating system. Everything is equally vulnerable.'

 

Intel Downplays 'Inaccurate' Chip Security Flaw Report
January 3, 2018

The report, which emerged earlier Wednesday, sent the chip company's shares plunging 6 percent.