We are aware of the two recently discovered vulnerabilities, currently going by the names Meltdown and Spectre. These vulnerabilities affect most modern processors (including Intel and AMD), and allows an unauthorized process access to privileged system memory. Click here to see Microsoft’s Security Advisory for how to mitigate this attack.
At this point, there are no known exploits of this vulnerability; it has only been publically disclosed.
Microsoft has released a Security Only Update on January 3, 2018 to address this vulnerability for Windows devices, however there is a known compatibility issue with this patch and some Antivirus solutions, causing devices to experience a stop error (also known as blue screen errors) that make the device unable to boot. Click here to read more on this known Antivirus compatibility issue.
Our client agent/antivirus solution will automatically install the required patches and AV updates early next week after they have been tested by our NOC.
Because the list of Antivirus solutions with compatibility issues is not yet known, we DO NOT recommend that customers install this Microsoft update to their end client machines at this time. We do not recommend it, as that could cause a blue screen error if that change is made before the AV software installed on that resource is compliant with the new Microsoft update. AV vendors are automating this registry change when the software is compliant. However if you do still wish to implement the updates manually, CNE IT can assist you!