Meltdown and Spectre Get Ugly!

So the big security news this week was the Meltdown and Spectre attack methods that affect most modern CPUs. Since they affect the CPUs directly, this is independent of operating system.

Microsoft has released a patch on January 3, which was Wednesday, however they have announced that if you’re running a third-party antivirus that is not confirmed to be compatible with this patch, the patch will be blocked. Some antivirus products were creating unsupported calls in the Windows kernel memory which resulted in blue screens of death (BSODs) in Windows. Third-party antivirus producers are scrambling to release their own updates that will allow the Microsoft patch to work correctly without crashing the system. Unfortunately, the third-party antivirus producers not only need to support the security update; there also needs to be a Windows registry key update as well. To really mitigate this issue system administrators have to make this registry change themselves. This is really sloppy, time-consuming, and generally a hassle for system administrators! The various vendors, including Microsoft, need to address this very quickly!

My assumption is that this will be taken care of given enough time, but in the meantime we’re left in an environment with a fairly large hole in the security arena. Plus, Microsoft is not specifically announcing which third-party antivirus products do work correctly with their patch! Come on guys, transparency is best and a free flow of information in order to keep us safe on our systems!

There’s also going to be a patch for the Linux kernel that should be out fairly soon. I’ll try to stay on top of this and let you know what happens, when it happens.