Unless you’ve been living under a rock for the past few days, you’ll have heard that there are a couple of new computer security vulnerabilities that are causing panic in the technology world. But what are Meltdown and Spectre? How serious are they, do they affect you and do you need to do anything? This short post summarizes the information have so far on both flaws and provides an update on Comodo’s progress in patching its systems against them.
Spectre and Meltdown are two security flaws in computer processors which can be exploited to steal passwords and other sensitive user data. The flaws affect virtually all processors made by Intel, AMD and ARM in the past 20 years, meaning Windows PCs, Android and iOS devices and MAC are all vulnerable.
Meltdown affects Intel processors and allows an attacker to read information from application memory at the kernel level. The kernel is the part of an operating system that manages system calls and resources on a system, giving it carte-blanche control over everything on a computer. Because Intel has an 87% share of the processor market, the Meltdown flaw is bad news for pretty much everybody. A successful exploit would give an attacker access to virtually everything on your computer, including passwords, personal information, photos, emails and documents.
So far, researchers have provided only a proof of concept that the attack works if an attacker has access to the local computer. However, although there is no recorded evidence of the flaws being exploited yet, the fact that they are now public means hackers will begin working on real-world attacks. Accordingly, major software and cloud service companies such as Google, Microsoft, Amazon and Apple have rushed to push out updates to fix the exploits.
One snag with Microsoft’s Windows update is that tests have shown it to be incompatible with antivirus products from some 3rd party vendors. Microsoft has decided to not push the update out to users with offending antivirus products, until the vendor has updated their software to remove the incompatibility. Regardless, all users should implement the latest security updates to their systems as a highest priority when it becomes available.
Spectre also affects Intel processors and also those by AMD and ARM, expanding its reach to virtually every device in the world. It is more difficult to for an attacker to exploit but, unfortunately, is also harder to mitigate. Whereas patches have been made widely available for Meltdown, responses to Spectre have been much slower.
Comodo, like all major security vendors, was very concerned to learn of these flaws and immediately set about testing the scope of the impact on our systems:
Comodo Client Security
A vital component of Comodo’s IT and Security Manager platform, Comodo Client Security is the endpoint agent which provides antivirus, firewall and threat containment for Windows and MAC OS devices. It is fully compatible with Microsoft’s latest patch, so our customers should go ahead and deploy the patch as soon as it is available. Microsoft already started distributing patches for Windows 10 devices and we believe other OS versions will follow soon. While Comodo Client Security is not going to be officially vetted by Windows as compatible until our major release planned to be on 27th of Jan, our tests shows no issues that might lead to crash or BSOD on patched devices. We recommend everyone to patch their devices at their convenience. You can use the Patch Management functionality in ITSM to deploy the patches to all managed devices.
Comodo One cloud platform
Comodo One uses Amazon cloud servers to host part of its services. Those servers, like much of the internet, are powered by Intel chips, meaning Amazon must address these flaws in order to protect the data of our enterprise customers. The good news is that Amazon has already implemented patches on its systems and we’re pleased to announce our evaluation of our cloud platform shows no direct issue or risk for our applications. As is usual in situations like this, we are working closely with Amazon to ensure continued security and availability for our customers.
Comodo would like to remind our customers that your security, satisfaction and reliability are of paramount important to us. If you have further questions or need support regarding this issue, please contact us via https://support.comodo.com/ or +1-973-396-1235 (enterprise) / +1-973-396-1232 (MSP).