NewsSecurity News

Meltdown and Spectre – Vendor Patches

Duncan 3696 Views 0 Comments 3 min read

In early January we became aware of a set of security vulnerabilities known as Meltdown and Spectre that affect modern computer processors. Exploitation of these vulnerabilities could allow an attacker to obtain access to sensitive information.

Microsoft has temporarily halted updates for AMD machines. More information can be found here: https://support.microsoft.com/en-us/help/4073707/windows-os-security-update-block-for-some-amd-based-devices

The three Vulnerabilities have been disclosed:

  1. CVE-2017-5753
  2. CVE-2017-5715 (1 & 2 are collectively known as Spectre)
  3. CVE-2017-5754 (Meltdown)

The following table contains links to advisories and patches published in response to the vulnerabilities. This table will be updated as information becomes available.

Link to Vendor Information Date Added
Amazon (link is external) January 4, 2018
AMD (link is external) January 4, 2018
Android (link is external) January 4, 2018
Apple (link is external) January 4, 2018
ARM (link is external) January 4, 2018
CentOS January 4, 2018
Chromium January 4, 2018
Cisco (link is external) January 10, 2018
Citrix (link is external) January 4, 2018
Debian January 5, 2018
DragonflyBSD January 8, 2018
F5 (link is external) January 4, 2018
Fedora Project January 5, 2018
Fortinet (link is external) January 5, 2018
Google (link is external) January 4, 2018
Huawei (link is external) January 4, 2018
IBM (link is external) January 5, 2018
Intel (link is external) January 4, 2018
Juniper (link is external) January 8, 2018
Lenovo (link is external) January 4, 2018
Linux January 4, 2018
LLVM: variant #2 January 8, 2018
LLVM: builtin_load_no_speculate January 8, 2018
LLVM: llvm.nospeculatedload January 8, 2018
Microsoft Azure (link is external) January 4, 2018
Microsoft (link is external) January 4, 2018
Mozilla January 4, 2018
NetApp (link is external) January 8, 2018
Nutanix (link is external) January 10, 2018
NVIDIA (link is external) January 4, 2018
OpenSuSE January 4, 2018
Qubes January 8, 2018
Red Hat (link is external) January 4, 2018
SuSE (link is external) January 4, 2018
Synology (link is external) January 8, 2018
Trend Micro (link is external) January 4, 2018
VMware (link is external) January 4, 2018
Xen January 4, 2018





Duncan

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.