Spectre & Meltdown Response

1/24/2018 Update: Intel has validated our “wait & see” strategy with their updated response to this issue. They are now recommending that users refrain from installing the previously released updates due to reported issues that need to be investigated. Here is their statement:
We have now identified the root cause of the reboot issue impacting Broadwell and Haswell platforms, and made good progress in developing a solution to address it. Based on this, we are updating our guidance for customers and partners:
  • We recommend that OEMs, Cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions on the below platforms, as they may introduce higher than expected reboots and other unpredictable system behavior.
  • We also ask that our industry partners focus efforts on testing early versions of the updated solution for Broadwell and Haswell we started rolling out this weekend, so we can accelerate its release. We expect to share more details on timing later this week.
  • For those concerned about system stability while we finalize the updated solutions, we are also working with our OEM partners on the option to utilize a previous version of microcode that does not display these issues, but removes the Variant 2 (Spectre) mitigations. This would be delivered via a BIOS update, and would not impact mitigations for Variant 1 (Spectre) and Variant 3 (Meltdown).
  We believe it is important for OEMs and our customers to follow this guidance for all of the specified platforms listed below, as they may demonstrate higher than expected reboots and unpredictable system behavior. The progress we have made in identifying a root cause for Haswell and Broadwell will help us address issues on other platforms. Please be assured we are working quickly to address these issues.
  https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr
Our team will continue to follow the news on this issue and advise our clients when we believe it is safe to proceed with repairs.

1/20/2018 The team at Thom Infotech is closely monitoring the latest information regarding the “Spectre” and “Meltdown” vulnerabilities. The issue, briefly stated, involves recently disclosed vulnerabilities in CPU architecture. The vulnerabilities impact nearly all modern CPUs. If you have a computer, server, smartphone or tablet, you are likely to be affected.

Because of the widespread nature of the vulnerability, the various manufacturer responses have been evolving rapidly. Some of the early fixes resulted in significant problems and were subsequently recalled. Other fixes will reportedly have a significant impact on the performance of all but the latest generation of CPUs and chipsets. Antivirus vendors have also been involved, as their products need to be updated as well.

Rest assured that as of today there are no reported exploits of the Spectre & Meltdown vulnerabilities. Also keep in mind that all the industry assessments thus far indicate that any forthcoming attacks would have to be initiated from within a computer operating environment or network, not from outside. As a result, the protections Thom Infotech is already providing our customers will significantly mitigate the threat, much like the millions of threats we guard against on a daily basis.

Because of the evolving nature of the industry response, the initial problems encountered, the lack of successful exploits and the nature of the protections you already enjoy, our response is to wait & see. We will continue our normal process of testing patches to computer & server operating systems and applying them once the impact has been assessed. If we are managing your network, we have already updated your managed antivirus software.

We are currently assessing firmware updates to the physical computer and server hardware and applying them in test environments to determine the impact. Once we are confident in the solutions, we will communicate a plan to perform the updates where appropriate.

Please be aware that the vulnerabilities in question take advantage of the microcode designed to speed up CPUs. For many older computers, the only solution may be to disable the affected code. The “fix” will likely make older, slower computers even slower – unbearably so in most cases. Your only recourse may be to replace the computers or servers. Again, we will communicate a plan once the flurry of activity settles and our assessment is complete.

Be sure to visit this page often to learn our response strategy. This is an evolving issue and our only communication regarding our response will occur here. For more information about this issue, visit the US government-sponsored Computer Emergency Readiness Team (CERT) web page located here.