Mitigation for Meltdown and Spectre exploit

Mitigation for Meltdown and Spectre exploit



Introduction to Meltdown and Spectre

Meltdown and Spectre are 
two new hardware bugs that exist in Intel, AMD, and ARM processors and capable of exposing any sensitive data  processed by countless computers and devices. Personal data like passwords, photos, emails, and even business-critical documents can be accessed and stolen. Read more.

Exploits
  1. CVE-2017-5754 (Meltdown) and 
  2. CVE-2017-5753 and CVE-2017-5715 (Spectre). 
Mitigation 

Bulletin ID: MS18-JAN1

ManageEngine patch management team have already supported patches for the latest Microsoft emergency security update to secure the vulnerability exploited by Meltdown and Spectre. 


Follow the below steps to resolve this error,

  1. Navigate to Patch Mgmt tab->click "Update Now" under Update Vulnerability DB.
  2. Scan all you your systems, to identify missing patches. 
  3. Search keyword "Meltdown" or "Spectre" under Patch Description Field. 


4.Select all the missing patches with description about Meltdown/Spectre -> Click "Install patch" to deploy all together.
5.You can also verify their installation status after deployment.


Stay tuned for other OS updates & fixes related to Meltdown and Spectre. 
            Related Products