Spectre and Meltdown – News on the latest CPU problems

07.02.2018

As already mentioned in our last What’s New article, the Spectre and Meltdown security vulnerabilities are currently on everyone’s lips. Here you can find out what happened, exactly what the problem is, how spo-comm Mini PCs are affected and what solutions are available for the problem.

History of Spectre and Meltdown

Since the beginning of the year, one topic has been causing a lot of excitement in the IT world: The processor problems Meltdown and Spectre were uncovered. The CPUs at risk are mainly from Intel, but AMD and smartphone chips from Apple and Samsung, for example, are also affected. Intel was already informed about these security vulnerabilities in June 2017, but only made this public at the beginning of January 2018.

Processor gap: What happens?

The security gaps in the processors make it possible for attackers to access sensitive data by cleverly exploiting these gaps. Modern processors rely on the so-called out-of-order feature. Commands are executed speculatively and presumably required data is loaded into the caches. In the program flow, however, it is possible that they are not executed after all due to incorrect speculation. It is precisely this speculation of commands that makes the discovered attack scenarios possible.

Which CPUs are affected?

Intel in particular has suffered from the security gaps that have been discovered. Processors of the Core generation since 2008 are affected, but also the Intel Atom C, E, A, x3 and Z series as well as the Celeron and Pentium J and N series.

The official Intel page on this topic and a list of all affected Intel processors can be found here.

Google also took a stand and published that processors from AMD and ARM are also affected. Although Android systems are affected, they have been protected since the last security update on January 2. Apple is also said to have already closed some of the gaps with an earlier update and plans to follow up with further fixes with the update to 10.3.3.

You can find AMD's official page on this topic here.

What measures are there against Spectre and Meltdown?

The security loopholes can be solved by extensive security patches for all existing operating systems. However, there is currently chaos here: BIOS updates with CPU microcode updates are only distributed by a few manufacturers. Microsoft has already withdrawn a Windows patch for older systems. But even Apple only vaguely explains what happens to Macs from the years before 2010 on which macOS High Sierra does not run.

According to some information, which has not been confirmed by Intel, AMD or other manufacturers, the security updates that are distributed are intended to slow down older (i.e. pre-2013) and weaker processors more than modern ones. For desktop PCs, notebooks and tablets - with the latest processors and Windows 10 - performance drops only minimally. However, Microsoft expects significantly higher performance losses on Windows 7 PCs with older CPUs. The most noticeable effects can be found on systems with Intel processors and fast SSDs (especially PCIe SSDs with NVM protocol, if the microcode update has been installed in addition to the Windows update.

You can find the official Microsoft page here.

To the Microsoft Security TechCenter

Fake BSI emails about security updates

Beware of fake emails about alleged Spectre and Meltdown updates. The e-mails written in the name of the BSI (Federal Office for Information Security) inform you that your end device is vulnerable and try to persuade you to install a supposed update. You can find an example of such a fake e-mail here

Affected spo-comm Mini-PCs

Together with our partners, we are always looking for and testing solutions. As soon as reliable information is available from Intel or Microsoft, we can provide suitable updates.

These spo-books are NOT affected as things stand at present:

-    spo-book WINDBOX II
-    spo-book WINDBOX II Plus
-    spo-book BRICK MSE45
-    spo-book BRICK NM10
-    spo-book TURO GM45
-    spo-book NOVA GM45
-    spo-book BOX NM10
-    spo-book FLUKE NM10
-    spo-book iDESK
-    spo-book MOVE NM10
-    spo-book RUGGED NM10
-    spo-book MOVE T56N
-    spo-book RUGGED T56N
-    spo-book ION 2
-    spo-book ION 3
-    spo-book POS NM10
-    spo-book POS NM10 slim
-    spo-book SQUARE 15
-    spo-book TECH 92F
-    spo-book UNO NM10
-    spo-book WINDBOX III

With regard to the Spectre and Meltdown issues, spo-comm:

-    Always follow the updates from Intel, AMD & Microsoft
-    First check the updates on test computers in the deployment scenario before installing them on live systems,
-    For older devices, test the security patches and check the performance, as the updates may result in a loss of performance.
-    Be extremely careful with BSI e-mails, as they may be fake.

Read our latest What's New article

More on the topic