The Latest: Spectre And Meltdown

Get all of CRN's coverage of the Spectre and Meltdown chip flaws, including the latest from Intel, here.

Spectre, Meltdown

The recent news that design flaws have left a gigantic portion of the world's computer processors vulnerable to two major exploits - Spectre and Meltdown - is unsurprisingly creating a lot of angst throughout the tech world.

As vendors are finding themselves scrambling to release security patches, solution providers are grappling with the potential performance impacts these updates could have on their customer's computing environments.

Get all of CRN's coverage of the Spectre and Meltdown chip flaws, including the latest from Intel, here.

Spectre/Meltdown Part Two? Research Firm Audit Reveals Critical Flaws, Backdoors In Four AMD Processors
March 13, 2018
Thirteen critical security vulnerabilities and manufacturer backdoors have been discovered throughout AMD's Epyc, Ryzen, Ryzen Pro and Ryzen Mobile processors, according to research firm CTS Labs.

Intel Nears Completion On Spectre Patches With Latest Processor Updates
March 9, 2018
Microcode patches are now available for Intel's Ivy Bridge and Sandy Bridge processor families.

Intel Brings Spectre Software Updates To Two Older Processor Lines
February 28,2018
Updated microcode is now available for Intel's Broadwell and Haswell chips to protect against the Spectre vulnerability.

Intel Rolls Out Spectre Mitigations For Newer Processors To OEMs And Partners
February 21, 2018
The company says firmware updates will be available from OEMs for devices running the latest three generations of Intel Core processors.

Intel Releases New Spectre Microcode Updates For Skylake Processors
February 8, 2018
The company's new production microcode updates address the Spectre security flaw for several Skylake-based platforms.

Intel Intros Newest Xeon Processors With Built-In Spectre And Meltdown Patches
February 7, 2018
The new Xeon processor will be supported by system software updates that protect customers from the Spectre and Meltdown security flaws, said Intel.

Coretek: Hospitals Avoiding Spectre, Meltdown Patches Because of Performance Hit, High Cost Of Adding New Hardware
February 7, 2018
The top health care solution provider said hospitals are facing multi-million dollar hardware costs and a 40 percent application workload hit if they implement the patches.

Microsoft Deploys Windows Update To Help Undo Intel's Troubled Spectre Patch
February 1, 2018
Companies including Microsoft are working to eliminate the 'unpredictable system behavior' caused by Intel's latest patches for the Spectre vulnerability.

Intel CEO Krzanich Pledges Hardware Fix Later This Year For Spectre, Meltdown Vulnerabilities
January 26, 2018
Intel's CEO said during its fourth quarter earnings call that "security has always been a priority for us," on the heels of the Spectre and Meltdown security flaws.

5 Questions About Intel's Hardware Fix For Spectre And Meltdown
January 25, 2018
Intel CEO Brian Krzanich is pledging silicon-based fixes to address the Spectre and Meltdown vulnerabilities, which has raised a number of questions.

Apple Deploys Meltdown Security Updates For Macs Running Sierra And El Capitan
January 24, 2018
Macs running older operating systems had lacked Meltdown protections that had already come to the current version of macOS, High Sierra.

Solution Providers: It's Time To Restart The Clock On Spectre, Meltdown Patch Rollout Time Line
January 23, 2018
Solution providers say there is no clear timeline for resolution of Spectre and Meltdown security exploits now that Intel has stopped deployment of current versions of patches.

Linux Creator Calls Intel Meltdown, Spectre Patches 'Complete and Utter Garbage'
January 22, 2018
Linus Torvalds, in a profane public email exchange with another Linux expert, said Intel's patches to the OS kernel "do literally insane things. They do things that do not make sense."

Intel Tells Partners, Customers To Stop Issuing Spectre Patches, Citing 'Unpredictable System Behavior'
January 22, 2018
After acknowledging that its Spectre patches are causing reboot issues in older and newer chips, Intel issued a statement on Monday telling partners to stop issuing the patches.

Pivotal Warns Of Spectre, Meltdown Performance Impact, Says All Versions Of Software 'Potentially Affected'
January 22, 2018
Pivotal Software has found performance impacts to its Cloud Foundry platform related to the Spectre and Meltdown security issues.

Dell Technologies Conducts Performance Tests Across Portfolio To See Impact Of Meltdown, Spectre Patches
January 19, 2018
Dell said server performance impact would "vary greatly" depending on configuration and workload.

Cisco Expands Spectre, Meltdown Probe To Nine More Products
January 19, 2018
In an update to a security advisory, the networking giant says it is investigating several network application, service and acceleration products, as well as network management, routing and server products.

Spectre, Meltdown Update: Oracle Introduces 237 Security Patches
January 17, 2018
The breadth of the software giant's portfolio means managed services partners have a big job ahead of them in securing customers across industries.

Intel's Faulty Meltdown and Spectre Patches Are Causing More Reboot Issues In Newer Chips
January 17, 2018
Intel said that the patches for Spectre and Meltdown are now causing reboot issues for newer chips, including Skylake and Kaby Lake chips.

Spectre, Meltdown Update: VMware Retracts Faulty Intel Firmware Patches For Chip Vulnerabilities
January 17, 2018
Another day, another headache for solution providers dealing with the aftermath of Meltdown and Spectre. The first fix isn't always the final fix, said one VMware channel partner.

AMD Backtracks On 'Near Zero Risk' Processor Claims, Now Must Issue Updates To Combat Spectre
January 11, 2018
AMD, contrary to its earlier comments, now concedes that its processors could be susceptible to both variants of the Spectre exploit.

Red Hat Researchers: Spectre Chip Vulnerability Likely Worse For VMs Than Containers
January 10, 2018
"Now people are seriously paying attention to something they should have been paying attention to a long time ago—the implementation of security on processors," a Red Hat engineer told CRN.

7 Things To Know About Spectre And Meltdown Patch-Related Performance Hits
January 10, 2018
While some solution providers have reported minimal or no performance effects related to recently deployed software and OS patches, some customers and technology professionals have experienced noticeable CPU usage increase and blue-screening.

Spectre, Meltdown Update: Microsoft Customers Reporting 'Unbootable' AMD PCs After Installing Windows Security Patch
January 9, 2018
Microsoft said some AMD chips do not align with documentation previously provided by AMD. The exact spectrum of affected AMD processors has not been disclosed, but a spokesperson said the errors affect a subset of its "older" processors.

Partners: Intel's New Internal Security Group Needs To Put Safeguards On The Same Level As Speed
January 9, 2018
"When you have a group that's ordained with some amount of power, that's probably more influential than just some engineers that look at security also," said Daniel Daninger, vice president of engineering at Nor-Tech.

9 Steps Intel Recommends To Sidestep Spectre And Meltdown
January 8, 2018
Intel has sent a white paper to its partners outlining the top mitigation steps, resources and technologies that they can use to avoid the Spectre and Meltdown exploits.

Intel CEO: Amid Spectre, Meltdown Exploit Crisis, 'Security Is The Number One Job For Intel'
January 8, 2018
During the opening CES 2018 keynote, Intel CEO Brian Krzanich addressed recent security issues in the wake of the Spectre and Meltdown exploits.

Spectre, Meltdown Update: NetApp, IBM, HPE, Lenovo, Dell EMC Weigh In On Storage System Vulnerability
January 8, 2018
Five top storage vendors have mixed responses on how the Spectre and Meltdown issue might affect storage hardware and software.

Red Hat Warned Partners Of Computing, Cloud Performance Loss Stemming From Protecting Against Chip Vulnerabilities
January 8, 2018
The leading distributor of open-source server and cloud operating systems said all its major infrastructure products are affected by Meltdown and Spectre.

Here's How Five Top Networking Vendors Are Responding To Spectre, Meltdown Exploits
January 8, 2018
Cisco, Huawei, HPE Aruba, Arista Networks and Juniper Networks have all responded to the Spectre and Meltdown exploits by issuing security advisories that demonstrate a range of possible impacts and preventative actions.

Intel To Partners: Multiple Mitigation Methods, Tools Can Alleviate Spectre, Meltdown Exploits
January 8, 2018
Intel is educating partners on the mitigation steps and security tools necessary to lessen the impact of the Spectre and Meltdown exploits with a new whitepaper.

NetApp Says Its Storage Systems Not Impacted By Spectre, Meltdown Thanks To Its OnTap OS
January 8, 2018
NetApp says that because its OnTap storage operating system does not allow the running of third-party applications or malicious software, attackers cannot use its hardware or software to access privileged information.

In Wake Of Meltdown And Spectre Bug Debacle, Intel Hit With Multiple Class-Action Lawsuits
January 5, 2018
Intel is facing three class-action lawsuits as the company continues to grapple with fallout after revelations that its chips were vulnerable to two massive security bugs.

Here's How 17 Security Vendors Are Handling The Meltdown And Spectre Vulnerabilities
January 5, 2018
The Microsoft patch for the Meltdown and Spectre microprocessor exploits wasn't compatible with several anti-virus products. This is how endpoint security vendors are confronting the issue and helping their customers get patched.

Cisco Investigating Dozens Of Routers, Switches, Servers That May Be Affected By Spectre, Meltdown Exploits
January 5, 2018
In a security advisory issued Thursday night, Cisco says it is putting dozens of routers, switches and servers under the microscope to find out whether any of them may be affected by the Spectre or Meltdown exploits.

Processor Security Flaw: MSPs Emphasize Careful Patch Testing, Disciplined Approach In Addressing Spectre And Meltdown Threats
January 5, 2018
No known instances of malware exploiting have yet affected processors in PCs or servers in the field, according to Intel, but MSPs are still pushing to deploy their patches sooner rather than later.

7 Things You Need To Know About Spectre And Meltdown Security Exploits
January 4, 2018
Security researchers have discovered exploits that are being referred to as Spectre and Meltdown that chip giant Intel says impacts its own processors as well as those from AMD and ARM. Here are seven things you need to know about Spectre and Meltdown.

Processor Security Issue: Intel Says Processors Working As Designed
January 4, 2018
It's not the processors at fault, but the way attackers could potentially look at privileged information in memory that could cause issues, Intel said.

Apple Says Mac, iOS Devices Could See Spectre, Meltdown Issues, Is Mitigating Those Issues Now
January 4, 2018
The side-channel analysis security issues, under which processors from Intel, AMD, and ARM could allow reading of privileged information by rogue applications, could impact Mac and iOS devices, but Apple has already mitigated some of those issues.

AMD Claims 'Near-Zero Risk' To Its Processors From Meltdown, Spectre Exploits
January 4, 2018
AMD says it has no plans to issue software or OS updates to address the Meltdown and Spectre security flaws because it doesn't need to.

Cloud Giants AWS, Google And Microsoft React To Meltdown; Solution Providers Remind Customers To Update, Patch Systems
January 4, 2018
AWS, Google, and Microsoft revealed updates and patching plans for their popular cloud services in the wake of the Meltdown and Spectre chip-level vulnerabilities revealed this week. Solution providers say regular security patching can better protect customers from wide-reaching security threats.

Intel Unleashes 'Comprehensive' Threat Mitigation Response To Spectre And Meltdown Security Vulnerabilities
January 4, 2018
Intel says it is 'rapidly issuing' updates for all types of Intel-based computer systems -- including personal computers and servers -- that render those systems 'immune' from the Spectre and Meltdown security exploits.

Solution Providers: Ignore The Meltdown And Spectre Microprocessor Exploits 'At Your Own Peril'
January 4, 2018
'This is a flaw at the architectural level,' says Michael Knight of Encore Technology Group. 'It doesn't matter what version of software you're running, or your operating system. Everything is equally vulnerable.'

Intel Downplays 'Inaccurate' Chip Security Flaw Report
January 3, 2018
The report, which emerged earlier Wednesday, sent the chip company's shares plunging 6 percent.