Spectre and Meltdown Vulnerabilities Discovered….

ESET Customer Advisory 2018-0001

January 4, 2018

Severity: Critical

Summary.

ESET has recently learned about vulnerabilities called Spectre and Meltdown that affect almost all Intel, AMD and ARM processors. ESET is one of the few third-party security solutions already compatible with Microsoft’s emergency patches (released January 3rd, 2018) that fix these vulnerabilities.

Solution.

On January 4, 2018, at 7:45 AM CET, ESET released Antivirus and antispyware scanner module 1533.3 for all consumer and business users. This update marks the system as compatible to download important security patches for Microsoft Windows. At the time of writing, ESET is one of only three AV vendors to support the patches, with others set to receive the updates starting tomorrow.

Why it’s important to use a Microsoft-compatible solution such as ESET

While testing the patch on Windows operating systems, Microsoft determined that some third-party vendors experienced issues with the patch related to internal changes in the Windows kernel that could result in stop errors (also known as BSODs).

These calls may cause stop errors that make the device unable to boot. To help prevent stop errors caused by incompatible antivirus applications, Microsoft is only offering the Windows security updates released on January 3, 2018 to devices running anti-virus software from partners who have confirmed their software is compatible with the January 2018 Windows operating system security update.

Details.

The Spectre and Meltdown vulnerabilities, published on January 3, 2018, are byproducts of optimization techniques designed to increase the performance of modern processors.

These techniques are called “out-of-order” and “speculative” execution. They allow the processor to make better use of time it would have to spend waiting unnecessarily before executing the next instruction to pre-compute further results which may or may not be used in the execution flow.

These pre-computed results, if not used, are discarded – but, as researchers have shown, there are side-effects left by such precomputation which are not disposed of thoroughly enough and can sometimes be leaked to the potential attacker.

As stated by researchers, there are theoretical ways that antivirus software could detect the problem. However, detection would have a negative impact on device performance, and significantly influence user experience; it would be a less effective approach than prevention. Therefore, we recommend that users take the following steps:

  • Keep track of any related patches for their systems and apply them as soon as possible
  • Keep all other software updated, including web browsers
  • Be on the lookout for phishing emails which are still the number one way for hackers to get a foothold on your computer.

ESET can help stop malware that in the future may use Spectre and Meltdown vulnerabilities.

We strongly encourage you to download the latest ESET product updates to allow the installation of these patches.

ESET has released an updated Antivirus and antispyware scanner (module 1533.3) for all consumer and business products. See the appropriate Knowledgebase article for instructions to update your product:

Note that a potential side-effect of the Microsoft patch can be reduced system speed. This is in no way related to your ESET product, but rather the firmware changes required to mitigate the Meltdown issue.

Frequently asked Questions about Spectre and Meltdown.

Is ESET compatible with the Microsoft patch that corrects the Meltdown Intel Flaw?

Yes, ESET released “Antivirus and Antispyware Module 1533.3” on Wednesday, January 3rd at about 11PM Pacific Time.

Which operating systems are affected by Meltdown?

Any computer using Intel processors made between 1995 and current day are potentially affected.

Which operating systems have been patched to address the Meltdown exploit?

At this time, Apple, Linux and Microsoft have released patches. Microsoft released a Windows 10 patch available for download on January 3rd, 2018. Apple macOS, OS X iOS as well as  Windows 7 and 8 patches were made available on Tuesday, January 9th, 2018.

ESET products have already been made compatible with these patches through regular product module updates. You should also be aware of patches for the Firefox, Internet Explorer and Edge web browsers that are currently available through automatic updates from their respective manufacturers. Per latest information at the time of writing, a patch for Google Chrome will be released on January 23rd. Also, you should keep a watch on your computer manufacturer’s site for any firmware updates to address the Meltdown exploit.

Spectre

Which operating systems are affected by Spectre?
Any computer using an Intel, AMD, or ARM processor is potentially affected.

How do I protect myself from Spectre?
Follow your computer/phone manufacturer for updated firmware releases.

Feedback & Support

If you have feedback or questions about this issue, please contact us using the by sending an email to spotlight@citsys.com or call; +233 50 000 5092.

Thank you!

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s