Quick Heal Advisory on Meltdown and Spectre CPU Vulnerabilities
Credit to Author: Prashil Moon| Date: Tue, 09 Jan 2018 14:27:49 +0000
With the recent disclosure of Meltdown and Spectre vulnerability in popular CPUs, Microsoft released out-of-band updates to patch almost all of the vulnerable systems. Upon successful exploitation of these vulnerabilities, an attacker can access recently accessed sensitive information like usernames and passwords from the system memory. After getting access to this sensitive data an attacker can steal the user data thus putting the user’s security at risk. Meltdown is known to affect only Intel processors and Spectre is found to be affecting Intel, ARM, and AMD processors. Quick Heal Security Labs has published a detailed blog post on the Meltdown and Spectre CPU vulnerabilities. Till now, no instances of exploitation of these vulnerabilities have been observed in the wild. Also, no malware have been found to be making use of these vulnerabilities. A problem with applying the security updates To fix these vulnerabilities, Microsoft released out-of-band Windows Security updates on 3rd January 2018. With these updates, Microsoft identified an update compatibility issue on some systems which resulted in the Blue Screen of Death (BSOD). This issue was caused due to the incompatibility of some of the antivirus applications and applied Windows security updates. To avoid this potential error, Microsoft offered these Windows security updates to only those systems which are running compatible antivirus applications. For successful installation of security updates, Microsoft notified antivirus software vendors to add a specific registry key on the user’s system. Security updates will get applied only if this ‘specific’ registry key is present on the system. At Quick Heal, we have ensured that we fulfill all the requirements laid out by Microsoft and that users do not get affected by this incompatibility issue. We recommend all our customers to apply the latest updates of Quick Heal (publicly available) followed by Microsoft security updates. Although we haven’t found any incidences of malware exploiting these vulnerabilities, Quick Heal’s multilayer protection will continue to keep our customers safe from any related threats, if found in the future. The post Quick Heal Advisory on Meltdown and Spectre CPU Vulnerabilities appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.
http://blogs.quickheal.com/feed/