Spectre, Meltdown, and Your Enterprise

Update: Intel has reported that customers with certain CPUs are experiencing random reboots after applying firmware updates to patch this vulnerability. I can’t say this enough but TEST before rolling these out!

By now, you have likely heard about recently disclosed vulnerabilities called Spectre and Meltdown.  If not, TechCrunch has a detailed article about them that will get you up to speed.  The vulnerability affects most modern operating systems and processors.  It also affects other systems such as iOS, MacOS, Android, Chrome, etc.

I have found that many IT people I talk with do not understand what needs to happen to address these vulnerabilities.  I think this is (at least partly) because unlike many previous vulnerabilities, simply installing a Windows update does not fix the problem.  The fix also requires registry keys to be set and firmware updates released by the hardware manufacturers to be applied.

After reviewing what needs to happen to protect enterprise systems, I have pulled together some information so you can protect yourself as well.  While this is not an all-encompassing guide, it should point you to many of the resources needed to address the vulnerabilities.    Rather than this blog post being extremely long and repetitive, you will find many linked items below to already created documentation that will be helpful in patching your systems. Continue reading