Intel Security Vulnerabilities: How Autotask Endpoint Management Protects vs Meltdown, Spectre

Author: Ian Van Reenan, VP at Autotask, now part of Datto
Author: Ian Van Reenen, VP at Autotask, now part of Datto

While concerns around Intel’s latest chip security issues continue to mount, Autotask understands that these and similar challenges are regularly faced by our customers. In order to mitigate the risk, it is critical you’re able to respond, protect and support your clients; as well as assist in the recovery should any vulnerability be exploited. There is some good news: Autotask Endpoint Management provides a number of tools to address the current Intel security vulnerabilities.

Addressing Meltdown: Of the current issues, Meltdown is the easier of the two to mitigate and patch. Microsoft released a patch for Windows 10 last week, and will issue one for other supported operating systems in the next few days. Apple says its patch, released last month, December 20, 2017, addressed this flaw. For MSP professionals having a patch automation system such as, Autotask Endpoint Management in place – and ensuring that it is correctly enabled – is vital in order to protect against any of these vulnerabilities.

For those of you who have already configured patch management with Autotask Endpoint Management, we advise ensuring the latest patches released by Microsoft are installed as soon as possible (time is of the essence).  For those who don’t use Autotask Endpoint Management automated patch process, we will release a component early this week to be deployed on-demand by Autotask Endpoint Management to scan, download and install the relevant patch to those machines affected.

Ryan Weeks, CISO, Datto

Addressing Spectre: The second part of Intel’s security flaw, Spectre, requires a different approach. This vulnerability is hardware based, and will require a firmware update which cannot be fully automated. While Intel has already alerted those at risk of the concern, manufacturers are still busy releasing firmware updates to address the issue. Autotask Endpoint Management customers can make use of the automated Audit and Search functionality to identify devices at risk and apply firmware updates as they become available.

We will be following all developments, updates and news related to this issue closely and will keep our customers informed as to how they can stay on top of this security threat and protect clients with Autotask Endpoint Management.

For more background about the Processor Memory-Access Security Vulnerabilities, please read Datto Chief Information Security Officer Ryan Weeks’ blog on ChannelE2E here.

Author Ian Van Reenen is VP of engineering, endpoint products at Autotask, now part of Datto. Read more Autotask blogs here.