Channel, Networking

Meltdown, Spectre Vulnerabilities: Operating System Patch Guidance

Share
Credit: Getty Images
Brett Cheloff, ConnectWise
Author: ConnectWise's Brett Cheloff

*Update 01/09*

The news around Meltdown and Spectre continues to evolve and expand. It's important to stay up to date on forming news around this. Visit ConnectWise here for the ongoing updates.

Here’s what we know today:

This event is more than an Intel chip flaw and more than just a simple update to operating systems. Updates to firmware, endpoint security solutions, browsers will be necessary as well. We have been reading reports that updates rolled out last week to devices with certain AMD processors are experiencing adverse reactions like the dreaded BSOD (Blue Screen of Death). Microsoft released a support note yesterday that it will halt the installation of security updates for some AMD based devices. Read it here. Endpoint security solutions are understanding how they too are affected by registry keys Microsoft is leveraging for the updates rolled out to patch operating systems and are reacting. It has also been forming that Internet browsers may be at risk as well.

The good news is that there are NO KNOWN EXPLOITS in the wild reported. Which gives us time to plan and act.

It will be super important to execute on any updates releasing from vendors over the next few weeks as Meltdown and Spectre continue to unfold and unravel. It is highly advisable to test these updates before rolling them out to production.

At ConnectWise:

  • We are continuing to monitor this event closely and help facilitate communication to our partner base.
  • We will continue to work closely with our ecosystem of vendors for awareness and action.
  • We will soon release an Automate Dataview for this event.

Microsoft Windows Links

Here is a list of Microsoft Windows KBs and helpful links:

Operating system version

Update KB

Superseded Patch

Windows Server, version 1709 (Server Core Installation) 4056892

4054517

Windows Server 2016) 4056890

4053579

Windows Server 2012 R2 4056898

N/A

Windows Server 2012 Not available

N/A

Windows Server 2008 R2/Windows 7 SP1 4056897

4054518

Windows Server 2008 Not available

N/A

Windows 10 for 32/x64-bit Systems 4056893

4053581

Windows 10 Version 1511 4056888

4053578

Windows 10 Version 1607 4056990

4053579

Windows 10 Version 1703 4056891

4053580

Windows 10 Version 1709 4056892

4054517


More Resources

The following resources we have found very helpful over the past few days:

*Update 01/05*

If you have been following the progress of the reported Intel processor flaw, then you already know Microsoft is releasing several out-of-band security updates and is updating Windows 10 devices before next Patch Tuesday. ConnectWise® Automate™ has been following closely and we want you to know we have your back!

First and foremost, it is important to understand how Automate’s Patch Manager can help you ensure your partners’ devices are patched and no longer at risk for exploits. Since Automate leverages the Microsoft update agent, as soon as patches are made available by Microsoft, Automate can instigate an inventory check for newly released patches so that you can begin patching immediately.

We will also release a new Automate Dataview specifically for this Meltdown event. Dataviews in Automate are used as a solution for many scenarios. For example: I want to see all failed monitors system-wide. There’s a Dataview for that. Or perhaps I would like a list of product keys in use by devices system-wide. There’s a Dataview for that. Partners already using Automate will be able to download the Intel Meltdown Vulnerability Check Dataview from the Automate Solution Center. What this Dataview enables our partners to do is quickly see the health of managed devices having the appropriate patches installed. This quick view also provides insight into devices needing to be turned on or those that may have an out-of-date patch inventory.

In the Patch Manager, you can simply approve updates and have them install on a previously scheduled window or install them immediately. Whatever you feel comfortable with. Our Patch Manager also gives partners the ability to test new patches before rolling them out to production. This is a great advantage for zero-day patches like this. Understanding how a patch may affect a device before rolling it out to multiple devices can make the difference between a good day and a bad one in the IT world. For those technicians that have had a device blue screen after an update can sympathize.

When you use ConnectWise Automate, rest assured. We give you the solutions to make your job easier and give you more time back!

We will continue to monitor Meltdown and Spectre to keep you ahead of a possible security crisis.

Did you hear about the Intel flaw that affects millions of computers running Windows, macOS, and Linux? Well if you haven’t already read the headlines, let us fill in some of the gaps.

A security hole was discovered in the Intel processors that were made within the last decade. This was reported Wednesday, January 3, 2018. Specific details about the Intel bug is limited and Intel themselves aren’t really saying much. However, details about developers’ fixes are emerging and point to the access of memory by programs running on the device. This does create a cause for alarm based on the fixes being created which involve moving memory used by the computer’s kernel, which is essentially the central part of an operating system. It can be deduced that anyone out there that may want to exploit this flaw and cause harm, could. Things like passwords, login details, and other types of secured information on an affected device could be at risk.

Developers around the world are steadfast in their attempts to patch affected operating systems. Microsoft has already released an out-of-band security update for Windows 10 and we are waiting for further updates to patch this Intel flaw. Stay tuned as we continue to monitor this situation.

ConnectWise® Automate™ has you covered. With last year’s WannaCry, Petya, and NotPetya outbreaks we’ve learned a lot and strive to be more proactive in getting you the information and solutions you need to prevent a security crisis.

*Original*

If you have been following the progress of the reported Intel processor flaw, then you already know Microsoft is releasing several out-of-band security updates and is updating Windows 10 devices before next Patch Tuesday. ConnectWise® Automate™ has been following closely and we want you to know we have your back!

First and foremost, it is important to understand how Automate’s Patch Manager can help you ensure your partners’ devices are patched and no longer at risk for exploits. Since Automate leverages the Microsoft update agent, as soon as patches are made available by Microsoft, Automate can instigate an inventory check for newly released patches so that you can begin patching immediately.

We will also release a new Automate Dataview specifically for this Meltdown event. Dataviews in Automate are used as a solution for many scenarios. For example: I want to see all failed monitors system-wide. There’s a Dataview for that. Or perhaps I would like a list of product keys in use by devices system-wide. There’s a Dataview for that. Partners already using Automate will be able to download the Intel Meltdown Vulnerability Check Dataview from the Automate Solution Center. What this Dataview enables our partners to do is quickly see the health of managed devices having the appropriate patches installed. This quick view also provides insight into devices needing to be turned on or those that may have an out-of-date patch inventory.

In the Patch Manager, you can simply approve updates and have them install on a previously scheduled window or install them immediately. Whatever you feel comfortable with. Our Patch Manager also gives partners the ability to test new patches before rolling them out to production. This is a great advantage for zero-day patches like this. Understanding how a patch may affect a device before rolling it out to multiple devices can make the difference between a good day and a bad one in the IT world. For those technicians that have had a device blue screen after an update can sympathize.

When you use ConnectWise Automate, rest assured. We give you the solutions to make your job easier and give you more time back!

We will continue to monitor Meltdown and Spectre to keep you ahead of a possible security crisis.


Brett Cheloff is general manager of ConnectWise Automate. Read more ConnectWise blogs here.