New Vulnerabilities - Meltdown and Spectre - What we know

by 3 weeks ago - last edited 3 weeks ago (4,319 Views)

meltdown-spectre-logos2.jpg

Unless you have been stuck under a rock this week, not been able to read any social media or any News broadcast, then you are surely aware about the newly revealed vulnerabilities: Meltdown and Spectre.

 

The CVE #’s are:

CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754

 

It is part of every security professional’s job to make sure that their hardware is as secure as possible, which is why I wanted to blog about this to keep everyone informed.

 

Now, I cannot tell you too many technical details about the threat, and what Palo Alto Networks is doing about it, but I can give you everything that we know about it as of now. Rest assured that we are taking every measure to ensure that your hardware will remain secure and safe.

 

Our very own Unit42 has a very informative blog entry about it here:

Threat Brief: Meltdown and Spectre Vulnerabilities

 

If you would like to be part of the Live Community discussion about these vulnerabilities.. then you can go here to participate:

https://live.paloaltonetworks.com/t5/Threat-Vulnerability-Discussions/Meltdown-and-Spectre-Vulnerabi...

 

And if you are a Palo Alto Networks customer, then you can go here to read how it has affected our hardware and what can be done about it:

Customer Advisories - Information about Meltdown and Spectre findings

 

UPDATE: We have released Emergency Content version 763 to add coverage for published exploit code that targets the Meltdown and Spectre vulnerabilities.

 

We will continue to keep these articles updated with up to the minute information, so if you are unsure, then please come back to these links for any updates.

 

As always, click the Thumbs Up if you liked this, or better yet, give a shout-out in the comments section below. We are always open to new suggestions, so let ’er rip!

 

Stay Secure,

Joe Delio

End of line.

Ask Questions Get Answers Join the Live Community