One Article Review

The article:
Source AlienVault Blog
Identifier 465965
Publication date 2018-02-07 14:00:00 (seen: 2018-02-07 14:00:00)
Title How to Handle Meltdown and Spectre: Patch, But Don't Rush It
Text Welcome to 2018. If you’re still catching up, one of the first things on your radar is probably Meltdown and Spectre — two massive CPU vulnerabilities that have sent the security and broader tech world spinning. There is plenty of additional data to be found about the actual technologies involved and the likely attacks that will probably follow, but the baseline you need to know is that there is a flaw in one of the techniques that Intel uses to improve the performance of its chips. If you want a comprehensive technical view, including some descriptions of PoCs of potential exploits, take a look at the original Google Project Zero post. If you are looking for something a little higher level that includes more actionable pointers, I’d recommend this clear guide to Meltdown and Spectre patches. As for this post, I’m not going to provide another analysis of Meltdown and Spectre, and I’m also not going to pass judgement. I’m mainly concerned with what organizations are doing to defend themselves. Despite all the press and publicity (a Google query for “meltdown and spectre” yielded nearly three million entries after only 14 days) there has been little in the way of solid recommendations to blunt the impact of the problem. Microsoft has provided patches to block access to vulnerable operations, but these are offered with warnings about side effects and potentially disruptive software interactions. Similarly, Intel has released, then issued warnings on, firmware updates that were intended to help. There is an overarching sense of confusion about the right next steps, especially around the right timing to adopt these remediations. Seeing this, we kicked off a quick survey to find out how people were coping, and whether this critical and noisy problem was spurring rapid response, or whether those measures were being impacted by some of these negative reports. If you haven’t yet decided exactly what to do, you are not alone.
Across the set of respondents, 95% of whom are directly responsible for security updates, only 21% had applied the Microsoft patch to more than 75% of their systems. Most of them, 51%, had patched less than a quarter of their systems, and 61% acknowledged that they were aware that these patches could cause adverse interactions with other products. This does not need to be the fire drill it may currently feel like. The best advice for dealing with this situation is to recognize that the changes that major firms like Microsoft, Oracle, Apple, and others had to make are serious modifications to low-level system behaviors — changes that may impact their own performance, or that of other applications. These second-order consequences can be nearly as damaging as any eventual attack that exploits these flaws, particularly if widespread updates cause intermittent or widespread downtime. This event provides security leaders with the opportunity to show balance. A knee-jerk reaction is to instantly apply the patches when available, cleaning up the fall-out as it happens. But why? Currently
Sent Yes
Tags Guideline


The article does not appear to have been picked up after its publication.


The article does not appear to have been picked up from a previous one.