Fixing the Meltdown and Spectre vulnerabilities
Two days ago, Graz University of Technology published a paper (https://spectreattack.com/) describing a pair of attacks on common microprocessors.
The underlying vulnerability affects Intel, AMD, and ARM processors. All contemporary microprocessors pre-execute instructions.
In other words, the vulnerability bypasses address space isolation. Address space isolation has been a foundation for processor integrity since the 1980s.
Microsoft yesterday released an emergency patch for Windows 10 to address this prior to Patch Tuesday, which incorporates KAISER in KB4056892. Other versions will receive the update on January 9 as scheduled.
Why do these vulnerabilities matter to me?
These vulnerabilities take advantage of a basic process used by all modern CPUs to help speed up requests. They take advantage of the timing of various instructions so they can see the information – whether that’s proprietary corporate data or sensitive personal information.
I’m trying to patch and can’t see the update??
Don’t worry, it’s not just you.
Microsoft has implemented a new requirement for a Registry Key that must be installed to enable automated Windows updates. The idea is to ensure installed endpoint security software is compatible with the patches.
This is not a Trend Micro bug and we are not “fixing” our product. We are providing instructions and tools to enable that compatibility check in a product update.
For users to install the key, Trend Micro recommends a few options:
• IT/system administrators can manually create and deploy the registry key (ALLOW REGKEY) to unblock the delivery of patches
• Trend Micro customers and users can download the update packages directly from the Windows Update Catalog if they are unavailable via Windows Update
• Apply an update for the Trend Micro security product that will enable the ALLOW REGKEY needed through Windows Update
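Before choosing one of these options, an administrator can check where an endpoint stands. The following read-only audit is an added example, not Trend Micro or Microsoft code. The registry path and value name are not given in this post; they are taken from Microsoft's published guidance for the January 2018 updates and are treated here as assumptions.

```powershell
# Added example: read-only audit, makes no changes to the system.
# Assumption: key path and value name come from Microsoft's published guidance
# for the January 2018 updates; they do not appear in the original post.
$CompatKey   = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat'
$CompatValue = 'cadca5fe-87d3-4b96-b7fb-a231484277cc'
$PatchId     = 'KB4056892'   # the Windows 10 update named in the post

function Get-CompatFlagState {
    # Returns 'Set', 'WrongData' or 'Missing' for the ALLOW REGKEY.
    $item = Get-ItemProperty -Path $CompatKey -Name $CompatValue -ErrorAction SilentlyContinue
    if ($null -eq $item)          { return 'Missing' }
    if ($item.$CompatValue -eq 0) { return 'Set' }      # expected data: DWORD 0
    return 'WrongData'
}

function Test-PatchInstalled {
    param([string]$Id)
    # Later cumulative updates supersede this one, so a $false result
    # should be read together with the OS build number reported below.
    [bool](Get-HotFix -Id $Id -ErrorAction SilentlyContinue)
}

$flag    = Get-CompatFlagState
$patched = Test-PatchInstalled -Id $PatchId

$finding = if ($patched) {
    'Update installed'
} elseif ($flag -eq 'Set') {
    'Key present, update not installed: check Windows Update or the Update Catalog'
} else {
    'Key not set: update is withheld until the endpoint security product is confirmed compatible'
}

[pscustomobject]@{
    Computer   = $env:COMPUTERNAME
    OSBuild    = [Environment]::OSVersion.Version.ToString()
    CompatFlag = $flag
    Patch      = $PatchId
    Installed  = $patched
    Finding    = $finding
}
```

The script only reports state; it leaves creating the key to the security product update or to an administrator who has confirmed compatibility.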
What to expect when installing the patch
There’s been a lot of talk about the hit to performance when the ability to read information early is taken away. Don’t fret, most PCs and VMs will not see much degradation. Here’s what you need to know based on your environment:
• Cloud-based systems: Likely will see some slight elongation in response time. While processors will run more slowly, they (and the local memory and disk) are on the other side of the Internet.
• Local processing for compute-intensive workloads: You may see a more significant impact. Heavy processes and big data analytics benefit most from this processing feature. Without it, running these processes will take more time.
• Home users: Most consumers will not notice the change. If you’re gaming a lot or use heavy graphics components, then the same rules apply as for organizations.
This is not just a Microsoft problem, however. All other operating system vendors will be issuing patches that install as usual.
For everyone – whether you’re a system administrator for a very large enterprise, or you have a single home computer – install this patch as soon as it’s available from your vendor. For consumers, enabling auto update ensures that patches install as soon as they’re available to your computer.
Trend Micro customers can learn more specifics
about what we’re doing to make this Microsoft requirement as smooth as possible
here for businesses and here for consumers.