— by Brandon Jackson, Jennifer Lugo, Jason Owens and Jesse Wiener

A lot of information and many articles have been published over the last few days regarding what some initially reported as a security issue with Intel CPUs. As more research and information have become available, some of the details previously announced appear to have been inaccurate.

The vulnerabilities allow an attacker to compromise the privileged memory of a processor by exploiting the way processes run in parallel. The issues appear to affect AMD and ARM as well as Intel processors, although maybe not equally. This is not an Intel-only issue — a statement published by Intel and then by Google seems to confirm this. Intel chips as old as 10 years may be affected.

ARM has indicated that some of its processors are affected. According to a ZDNet article, an AMD rep was quoted as stating the threat differs by microprocessor company and that because of AMD’s architecture, the company believes there is a near-zero risk to AMD processors. The extent to which AMD is affected seems unclear at this point; however, the patches being released by software vendors apply to the products of all three microprocessor companies.

The Vulnerability Explained

The vulnerability exists in the layer between the CPU and the software. It’s a threat because the vulnerabilities can permit one process to spy on another process and gain access to privileged information such as passwords, data and more contained in memory. This is sometimes referred to as a “side channel attack.” It can be especially concerning for highly virtualized or cloud environments with multiple customers and systems on the same CPUs.

One issue is being referred to as “Meltdown” and relates to CVE-2017-5754. It is called Meltdown because it “melts” the security boundaries between the chip and software, enabling access to private kernel memory.

The other issue is being referred to as “Spectre” and is different from Meltdown. Spectre tricks the system into providing the information. Spectre is potentially more dangerous as it’s harder to mitigate, although it appears at this time to be harder to make use of.

What to Do

Patches to mitigate Meltdown are available for Linux, Windows and OS X. Microsoft released emergency updates Jan. 3, 2018. Patches have also been released for the Chrome and Firefox browsers to help prevent malicious JavaScript from exploiting the Meltdown vulnerability. As of this writing, there appear to be no known fixes for Spectre. Information on this situation may evolve over time, especially with regard to Spectre. Bleepingcomputer has published a list of Meltdown and Spectre vulnerability advisories, patches and updates that is a good resource for information on various technologies and vendors. Additionally, Graz University of Technology has created a Meltdown and Spectre website that contains updated information about both security vulnerabilities.
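On Linux, one way to confirm that a Meltdown patch is actually in effect is to read the status the kernel itself reports. The script below is an added example, not part of the original article; it assumes a kernel that exposes the `/sys/devices/system/cpu/vulnerabilities` directory, and the function names and sample data are constructed for illustration.

```shell
# Added example: summarise the kernel's own report of CPU side-channel status.
# Assumption: the kernel exposes the sysfs directory used as the default below.

classify_status() {
    # Map the first line of a status file to one keyword.
    case "$1" in
        "Not affected"*) echo not_affected ;;
        "Mitigation:"*)  echo mitigated ;;    # e.g. "Mitigation: PTI" for Meltdown
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

cpu_vuln_report() {
    # $1: directory to read; defaults to the live sysfs path.
    # Returns 0 if every entry is mitigated or not affected, 1 if any entry
    # is vulnerable or unrecognised, 2 if the kernel does not report at all.
    local dir rc f status
    dir="${1:-/sys/devices/system/cpu/vulnerabilities}"
    rc=0
    if [ ! -d "$dir" ]; then
        echo "no report: kernel may predate the fixes"
        return 2
    fi
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        status=$(classify_status "$(head -n 1 "$f")")
        printf '%s %s\n' "$(basename "$f")" "$status"
        case "$status" in vulnerable|unknown) rc=1 ;; esac
    done
    return "$rc"
}

make_sample() {
    # Constructed sample data (not captured from a real host).
    local d
    d=$(mktemp -d)
    printf 'Mitigation: PTI\n' > "$d/meltdown"
    printf 'Vulnerable\n'      > "$d/spectre_v1"
    printf 'Not affected\n'    > "$d/spectre_v2"
    echo "$d"
}

# Demo on the constructed sample; on a real host call cpu_vuln_report with no argument.
sample=$(make_sample)
cpu_vuln_report "$sample" || echo "action needed: unmitigated or unknown entries"
rm -rf "$sample"
```

The non-zero exit status makes the function usable in a fleet-wide compliance check, where a missing directory (status 2) flags hosts that have not yet received an updated kernel.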

Most organizations are going to have IoT, industrial, medical, legacy or other types of devices that will not receive software updates or patches. In these scenarios, it is important to implement a properly segmented network design/roadmap. Having a segmented network and monitoring tools will play a key role in protecting your environment. Vulnerable devices can be placed into areas of the network (behind firewalls or controlled via ACLs) where their access can be controlled and continuously monitored while reducing the potential issues they could cause.

Potential Performance Issues

Some of the conversation around these issues has concerned a potential performance hit from applying the fixes. This is due to the immediate fix for Meltdown, kernel Page Table Isolation (PTI), and its resulting overhead. Intel is denying reports of a huge performance dip, and research seems to indicate that a significant performance impact would occur only in certain circumstances. VMware, Amazon and Red Hat have all made statements indicating that performance on some systems will hardly be affected at all. The actual impact is yet to be determined and may vary by both hardware and the tasks being performed.

Vendor Press Releases and Advisories

The following links and documents are official statements from various technology vendors and CDW partners:

Dell EMC

Red Hat

Learn more about CDW’s data center solutions and partners.