2018 starts off with two major security breaches called Spectre and Meltdown. In short, the Spectre & Meltdown vulnerabilities can allow unauthorized actors to steal sensitive information such as passwords, emails and credit card information from almost any computer or server.
In this case there is almost no need to investigate whether your organization is affected or not. You most probably are! The Spectre/Meltdown vulnerabilities affect almost any machine running a modern CPU, which means that IT organizations worldwide must take immediate action to secure their environment.
Try our free product vScope Limited!
In order to help IT organizations world wide mitigating the risks of the vulnerabilities we are offering a free assisted trial during January. More about the offer in end of this post.
Patching is not enough
How can we fix this?
Microsoft, VMware, Google etc. have already released patches to help organizations mitigate the vulnerabilities. However, in the case of Windows machines, applying the Windows Update might not be enough.
According to Microsoft Support you will need to ensure the following
- Apply the necessary updates from various vendors (eg. Microsoft, VMware, Google, Apple etc.)
- Make necessary configuration changes to enable protection
- Apply an applicable firmware update from the OEM device manufacturer
Here comes the challenge for IT organizations. How can we easily know if a machine is still exposed to the risk of being affected or not? In other words. How can we find out:
- What machines have not been updated with the critical Windows update?
- What machines have not the fix activated?
- What machines are missing critical firmware update?
If you know all the answers to these questions for your environment – Well done! If not, how are you going to find out? Gathering all this information requires extensive amount of manual work which is not only expensive. It takes time before the actual mitigation can start!
Relieve stress with vScope
Using vScope, organizations will always have a reliant and accurate documentation of their IT at hands. This is relevant in many cases, but especially when it comes to quickly investigating configurations across the environment. Sometimes you are dealing with nasty applications or weak certificates, and sometimes it is hardware related issues like the Spectre/Meltdown flaws.
An updated documentation of the IT-environment is a must have for any organization that wants to minimize time to action in regards to investigating configurations and settings across the network. In the case of answering the questions stated above, it is done in seconds with vScope.
But vScope doesn’t stop there. It also offers bundled automatic analysis of the documentation to highlight relevant insights for IT professionals. In the context of Spectre/Meltdown, this can be analyses such as:
- Windows machines not patched for speculative execution side-channel attacks
- Windows Servers without Spectre/Meltdown mitigation enabled
- VMware ESXi vulnerable to speculative execution exploits (Spectre)
Acquiring this information in vScope requires no prerequisites, no extensive training and no scripting skill. vScope is designed to help IT organizations move faster from insight to action.
Contact us and we will tell you more!
Some ending notes
All the major microprocessor manufacturers (Intel, ARM, AMD etc.) have released firmware updates for their processors in order to mitigate the risk of being affected. But what about less well-known manufacturers? Did they release an update? How do you know if any of your servers or machines are running processors from a manufacturer not INTEL, ARM or AMD?
Let us know if you are interested and we will show you how to do it in vScope
Free assisted trial of vScope during January 2018
One last thing. Due to the breaches we offer a free trial of vScope during January 2018 to help you inventory your IT. In order to get started you will need to register an account at our Account pages. We will get in touch in order to help you further. Good luck!
Learn more about our trial concepts at our Trial page.
How to use vScope to find Spectre & Meltdown vulnerabilities
vScope – Documentation
vScope – Analysis
About the attack