'Meltdown' and 'Spectre' critical vulnerability

A critical vulnerability has been discovered in the architecture of the modern CPU. There are three different attack methods and are leveraging the reading of privilege memory with a side channel.

The attack methods named are 'Meltdown' and 'Spectre'. While initially only thought to be an Intel vulnerability, the CPU's speculative execution methods that these attacks target are shared by Intel, AMD and Arm.

The attacks themselves do not access sensitive data on your storage, however they do potentially allow malicious code to access speculatively executed information.

Details from Intel can be found here.
Details from AMD can be found here.
Details from Arm can be found here.
Details from Microsoft can be found here.

​More information on Speculative Execution can be found here.
Detailed information (from Google) about the vulnerabilities can be found here.

There are multiple parts to patching this vulnerability with operating system patches, and the OEM manufacturer updating the microcode of the processor itself:

• Variant 1: Bounds check bypass
  • Requires operating system updates
  • Vulnerable to Spectre attack
• Variant 2: Branch target injection
  • Requires processor microcode updates
  • Requires operating system updates
  • Vulnerable to Spectre attack
• Variant 3: Rogue data cache load
  • Requires operating system updates
  • Vulnerable to Meltdown attack

For all of our hardware customers; we will be maintaining a set of links on this page for your reference.  If you require any support on this issue then please contact our support team or your account manager through your usual channels. ​For our ongoing SCCM support contract customers, we have already started the update management process and will liaise with you directly on performing updates as they become available.

Microsoft has released a blog post about the vulnerabilities and the impact of them. Take note that this article discusses the performance impacts of patching your system. It appears that older operating systems such as Windows 7 and 8 have a more noticeable performance hit than Windows 10.

Running Windows Update should patch the Operating System part of the vulnerability, below are the OEM links that will be maintained with firmware/BIOS updates.

OEM Links;

• Lenovo
• Toshiba
• HP