MELTDOWN AND SPECTRE BUGS – INTEL PROCESSOR VULNERABILITY
You may already be aware of a recent security flaw disclosed in respect to Intel processors (other processors may be affected but as yet no confirmed reports) as used in IT systems, these flaws have been named Meltdown and Spectre.
These flaws have the potential to allow an attacker to bypass kernel access protections such that regular apps can read the content of kernel memory. However it is important to note that there have been no reports of anybody exploiting this vulnerability at this stage.
The mitigation is to provide isolation between apps and the kernel by means of OS/Application patches and firmware updates for affected processors, however, there is potential that the extra software processing and mitigation methods may have some impact to system performance, but this is very dependent on workloads and how they use speculative processing of data.
What does this mean?
A number of updates and patches are being issued by Microsoft, VMware and Linux which will help protect against this flaw, however, this might impact on performance.
What are Asckey doing?
The Asckey team are evaluating the updates and feedback from Microsoft, VMware, Linux and hardware vendors with our Operations teams working through and testing these before raising any relevant changes. Any changes will be communicated out to you directly via the usual support channels, with OS/Application patching anticipated to be performed in the normal scheduled patch window unless customers specifically request this to be bought forward.
Where a standard change already exists for a particular patching activity, this will proceed without specific communication to our customers. Asckey operates an ITIL framework approach to change management and as such, standard changes are agreed for low impact and risk activities that do not require approval for each instance.
Should you have any questions regarding the above please contact Asckey Support on email@example.com or by phone on 0845 270 7747.