Germane System Hardware and the Meltdown and Spectre Vulnerabilities
January 8, 2018
Every day, there are security challenges to protect the integrity of networks, programs and data. Germane Systems is dedicated to being part of the solution to these challenges, and we wanted to address the latest vulnerabilities that affect modern CPU microprocessors manufactured by Intel, AMD, and ARM referred to as Meltdown and Spectre. This issue is not specific to any one manufacturer and takes advantage of techniques commonly used in most of the modern CPU microprocessor architectures known as “side-channel attacks”. Exploitation of this vulnerability has the potential to affect a large range of products ranging from desktops, laptops, servers, storage, small-form factor (SFF) and mobile devices.
Germane’s advanced rugged computing systems use Commercial-off-the-Shelf (COTS) such as Intel’s high-end processors utilizing components to deliver the performance needed worldwide by industry and military customers. Our strong industry knowledge and partnership with Intel has allows us to address the valid concerns of the Meltdown and Spectre vulnerabilities with expertise and minimize potential risks to our customers.
Meltdown and Spectre Overview:
In order for Meltdown and Spectre exploit to take advantage of these known vulnerabilities, it must be operating locally on a host system (any networked computer that provides services to other systems or users) in order for it to be successful. A malicious program can exploit the side-channel attacks allowing for an unknown individual or organization to obtain information stored in the memory of programs running on the device. Some examples are passwords stored in a password manager or browser, emails, instant messages, photos, and critical business documents.
- Mitigations include updating both the
- Operating System (OS) software with a service pack or patch, and
- Mainboard and processor firmware via BIOS updates, which are now available by the various OS manufacturers.
- Through good security methods and practices, these attacks can be prevented. Intel has reported that researchers were able to demonstrate a proof of concept.
Germane is following the mitigation actions; deploying the OS patches and firmware updates within our own IT infrastructure in line with best security practices.
Two essential actions need to be conducted to mitigate the CPU vulnerabilities to Meltdown and Spectre:
- Review host systems to ensure most current up to date Operating Systems and
- Apply the applicable
- Operating system (OS) service packs\patches
- mainboard and processor firmware update via BIOS updates
For additional information on the affected platforms and next steps to apply updates, please refer to the security advisories and resource links below. Manufactures will be updating regularly as new information becomes available. If you have any other questions or concerns about how these processor vulnerabilities may impact your Germane Systems product(s) please contact us at firstname.lastname@example.org
Manufacturer Security Advisories and Resource Links: