News

Important Flash news

Critical vulnerabilities in AMD, ARM and Intel processors

The beginning of this year has been marked by the discovery of two highly critical vulnerabilities in the processor architecture of three vendors, AMD, ARM and Intel.

WHICH SYSTEMS ARE AFFECTED?

These flaws are present in almost all IT equipment (PCs, laptops, servers, clouds, smartphones, etc.) from the main vendors, such as Microsoft, Apple and Samsung. The impacted processors concern the most recent processors of the above-mentioned brands but also processors dating back to 1995. The attack surface is therefore very large for malicious actors and represents a great opportunity for them.

WHAT ARE THE RISKS?

The flaws in question have been named Meltdown and Spectre. These two hardwares flaws could allow an attacker to retrieve sensitive information that is not supposed to be accessible by the user environment such as passwords from your browser or password manager.

HOW TO REACT TO THIS ATTACK ?

DFi is in the process of applying the various patches in order not to expose its customers and its entire infrastructure to malicious actions. Even if the public attacks available to date are still limited, it is also essential that each customer updates the operating systems of their virtual servers with the patches which follow in the appendix. These will be automatically applied for customers who have delegated the management of the operating system to DFi.

In addition, the customers of DFi’s Security Operations Center (SOC) benefit from a proactive detection of attempts to exploit these flaws as well as an appropriate response enabling the threat to be quickly contained.

DFi encourages you to always keep your machines and software up to date in order to reduce the attack vectors. Indeed, the majority of attacks to date use vulnerabilities that are several years old, hence the need to apply patches as soon as they are published.

SECURITY FLAW REFERENCES:

For more information refer to the following CVEs:

  • CVE-2017-5715
  • CVE-2017-5753
  • CVE-2017-5754

https://meltdownattack.com
https://spectreattack.com

APPENDIX OF EXISTING PATCHES TO DATE :

For Microsoft Windows :

  • Microsoft Windows 7 : KB4056897
  • Microsoft Windows 8.1 : KB4056898
  • Microsoft Windows 10 : KB4056892
  • Microsoft Windows Server 2008 R2 : KB4056897
  • Microsoft Windows Server 2012 R2 : KB4056898
  • Microsoft Windows Server 2016 : KB4056890
  • Microsoft Windows Server Core version 1709 : KB4056892

For MacOS :

  • A patch has been released in MacOS 10.13.2

For Linux :

  • CentOS 7 : 3.10.0-693.11.6
  • Other GNU/Linux distributions: update to the latest kernel version

It is also necessary to update your internet browser to the following versions

  • Mozilla Firefox : version 57
  • Google Chrome : version 64
  • Microsoft Edge via KB4056890

Let’s stay vigilant together.

Security Operations Center – DFi Service SA