— by Brandon Jackson, Jennifer Lugo, Jason Owens and Jesse Wiener

A great deal of information and many articles have been published over the last few days regarding what some initially reported as a security issue with Intel CPUs. As more research and information has become available, some of the details previously announced appear to have been inaccurate.

The vulnerabilities allow an attacker to compromise the privileged memory of a processor by exploiting the way processes run in parallel. The issues appear to affect AMD and ARM as well as Intel processors, although maybe not equally. This is not an Intel-only issue — a statement published by Intel and then by Google seems to confirm this. Intel chips as old as 10 years may be affected.

ARM has indicated that some of its processors are affected. According to a ZDNet article, an AMD rep was quoted as stating the threat differs by microprocessor company and that because of AMD’s architecture, the company believes there is a near-zero risk to AMD processors. The extent to which AMD is affected seems unclear at this point; however, the patches being released by software vendors apply to the products of all three microprocessor companies.

The Vulnerability Explained

The vulnerability exists in the layer between the CPU and the software. It’s a threat because the vulnerabilities can permit one process to spy on another process and gain access to privileged information such as passwords, data and more contained in memory. This is sometimes referred to as a “side channel attack.” It can be especially concerning for highly virtualized or cloud environments with multiple customers and systems on the same CPUs.

One issue is being referred to as “Meltdown” and relates to CVE-2017-5754. It is called Meltdown because it “melts” the security boundaries between the chip and software, enabling access to private kernel memory.

The other issue is being referred to as “Spectre” and is different from Meltdown. Spectre tricks the system into providing the information. Spectre is potentially more dangerous as it’s harder to mitigate, although it appears at this time to be harder to make use of.

What to Do

Patches to mitigate Meltdown are available for Linux, Windows and OS X. Microsoft released emergency updates Jan. 3, 2018. Patches have also been released for the Chrome and Firefox browsers to help keep malicious JavaScript from exploiting the Meltdown vulnerability. As of this writing, there appear to be no known fixes for Spectre. Information on this situation may evolve over time, especially with regard to Spectre. Bleepingcomputer has published a list of Meltdown and Spectre vulnerability advisories, patches and updates that is a good resource for information on various technologies and vendors. Additionally, Graz University of Technology has created a Meltdown and Spectre website that contains updated information about both security vulnerabilities.
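Once patches are applied, a Linux host can be asked whether the mitigations are actually active. The script below is an added example (not CDW's or any vendor's tooling); it assumes a Linux kernel that exposes the `/sys/devices/system/cpu/vulnerabilities` status files and treats a missing file as unverified rather than safe.

```python
#!/usr/bin/env python3
"""Report Meltdown/Spectre mitigation status from Linux sysfs (added example)."""
import sys
from pathlib import Path

# Kernel status interface; kernels that predate it do not have this directory.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
ISSUES = ("meltdown", "spectre_v1", "spectre_v2")


def classify(status):
    """Map one sysfs status line to a coarse state based on its prefix."""
    text = status.strip()
    if text == "Not affected":
        return "NOT_AFFECTED"
    if text.startswith("Mitigation:"):
        return "MITIGATED"  # raw text names the mitigation, e.g. PTI
    if text.startswith("Vulnerable"):
        return "VULNERABLE"
    return "UNKNOWN"


def audit(sysfs_dir=SYSFS_DIR):
    """Return {issue: (state, raw_status)} for each issue in ISSUES."""
    report = {}
    for issue in ISSUES:
        try:
            raw = (Path(sysfs_dir) / issue).read_text().strip()
        except OSError:
            # No status file: the kernel does not report this issue at all.
            report[issue] = ("UNKNOWN", "not reported by this kernel")
            continue
        report[issue] = (classify(raw), raw)
    return report


def needs_attention(report):
    """Issues that are neither confirmed mitigated nor confirmed unaffected."""
    return sorted(issue for issue, (state, _) in report.items()
                  if state in ("VULNERABLE", "UNKNOWN"))


if __name__ == "__main__":
    result = audit()
    for issue, (state, raw) in result.items():
        print(f"{issue:<12} {state:<13} {raw}")
    # Non-zero exit lets a fleet-wide job flag hosts that still need patching.
    sys.exit(1 if needs_attention(result) else 0)
```

Run it per host from a configuration-management or monitoring job; hosts that exit non-zero are the ones to patch or to move into a controlled network segment.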

Most organizations are going to have IoT, industrial, medical, legacy or other types of devices that will not receive software updates or patches. In these scenarios, it is important to implement a properly segmented network design/roadmap. A segmented network and monitoring tools will play a key role in protecting your environment. Vulnerable devices can be placed into areas of the network (behind firewalls or controlled via ACLs) where their access can be controlled and continuously monitored, reducing the potential issues they could cause.

Potential Performance Issues

Some of the conversation around these issues has concerned a potential performance hit resulting from applying the fixes. This is due to the immediate fix for Meltdown, kernel Page Table Isolation (PTI), and its resulting overhead. Intel is denying reports of a huge performance dip, and research seems to indicate that there are only certain circumstances where there could be a significant performance impact. VMware, Amazon and Red Hat have all made statements indicating that the performance of some systems will hardly be affected at all. Actual impact is yet to be determined and may vary by both hardware and the tasks being performed.

Vendor Press Releases and Advisories

The following links and documents are official statements from the various technology vendors and CDW partners:






Dell EMC

Red Hat





4 thoughts on “What Are Meltdown and Spectre, and Which Processors Are Affected?”

  • Clarkson Williams says:

    Will these developments cause customers to spend more now in an attempt to mitigate the problem… or will it cause a pause in spending to allow time for vendors to come up with more complete solutions that don’t degrade performance?

    • Brandon Jackson says:

      Great question! I think it will depend on the individual customer and where they are at with infrastructure refreshes or with their cloud migration/buildout strategies. This scenario may be a good litmus test of a customer’s overall security strategy, assessing how they react and respond to zero-day type vulnerabilities. As patches and fixes come out to fix infrastructure and devices that are current-generation (and recently announced “next-generation” for most vendors), customers will have options to purchase and consume infrastructure that is either protected by the various patches and updates, or will be able to purchase infrastructure that is already protected. So I don’t think a massive slowdown in IT spend will be experienced for on-premises infrastructure because of this event. The various cloud providers responded to the vulnerabilities quickly, so it is our hope that cloud consumption will not be adversely affected either. But it has been a wake-up call to see how a vulnerability can affect a large swathe of the industry, and to make sure customers take all of the appropriate measures to secure their business and infrastructure.

  • Thanks for the concise list.
    Can you make the “Cohesity Security Bulletin” available not on your Sharepoint site, though, please?

    • Brandon Jackson says:

      Thanks for the interest and feedback. CDW uses SharePoint internally for distribution of content, and those links should be accessible outside of our company. We just tested them and we were able to access them from a non-verified account. Please let us know if you see any issues with accessing the content!
