• Edit 1 (2018-01-05): Add FreeBSD
• Edit 2 (2018-01-06): add several links, official info from Apple
• Edit 3 (2018-01-08): Web browser section, new link, AV, tools
• Edit 4 (2018-01-09): AlienVault,iOS, PoC
• Edit 5 (2018-01-15): Add flog to chrome, PoC

Summary

• Introduction
• CVE references
• Communication from researchers
• Communication from vendors (hardware, software, hoster, cloud based solution)
• Analysis, demos, resources, mitigations, PoC, recommendations, tools
• Web browser information
• Patch issues
• Sources of information

Introduction

As usual there are two (not so ?) new security flaws. But this time it is related to the hardware and more specifically to the processor by 3 different vendors (AMD, ARM and Intel).

So here is a synthesis of every information I have collected on the Net. Thanks to all people who reported and/or provided links/information/tools/PoC.

CVE references

• CVE-2017-5754
• CVE-2017-5753
• CVE-2017-5715

Communication from researchers

• Meltdown or Spectre
• Papers :
  • Meltdown
  • Spectre

Communication from vendors (hardware, software, hoster, cloud based solution)

• Hardware
  • AMD
  • ARM
  • Intel
  • Raspberry Pi
• Software or appliance
  • Microsoft fix for 10, 8.1 and 7
  • Microsoft
  • RedHat
    • RedHat
    • How Red Hat Is Dealing With the Spectre of the CPU Meltdown http://www.datacenterknowledge.com/manage/how-red-hat-dealing-spectre-cpu-meltdown
  • SUSE
  • Google
  • VMWare
  • Apple
  • Debian and this and that
  • FreeBSD
  • Check Point
  • Cisco
  • Extreme Networks
  • HPE Aruba
  • F5
  • Fortinet
  • Juniper
  • NetApp
  • Palo Alto Network
  • Pulse Secure
  • McAfee
  • iOS
  • AlienVault
• Hoster
  • Amazon AWS
  • DigitalOcean
  • Xen: patch exists, no more info.
• Cloud Solution provider
  • Service Now
• Misc
  • Meltdown/Spectre Vulnerability Tracker on Reddit

Analysis, demos, resources, mitigations, PoC, recommendations, tools

• Google Project Zero
• Check the vulnerability with powershell SpecuCheck
• Mozilla Firefox and Firefox mitigations
• Chromium
• Errata Sec
• Microsoft
• Quick synthesis - French
• Cache speculation side channels
• Qualys
• Nixcraft
• Meltdown and Spectre mitigation for organisations
• load issues reported to AWS
• Notes from the Intelpocalypse
• MS Sec updates and Anti-Virus recommendations
• Issues known and reported since 1995
• Explanation from Cloudflare for non-technical people https://blog.cloudflare.com/meltdown-spectre-non-technical/
• Meltdown and Spectre in 3 Minutes by RedHathttps://www.youtube.com/watch?v=syAdX44pokE
• PoC & Demo
  • https://github.com/IAIK/meltdown
  • https://github.com/turbo/KPTI-PoC-Collection
  • https://cxsecurity.com/issue/WLB-2018010039
  • https://github.com/lgeek/spec_poc_arm/blob/master/README.md
  • https://www.youtube.com/watch?v=bReA1dvGJ6Y
  • https://github.com/paboldin/meltdown-exploit
  • https://github.com/GitMirar/meltdown-poc
  • https://www.kitploit.com/2018/01/meltdown-exploit-poc.html
  • https://github.com/lgeek/spec_poc_arm
  • https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6
• Tools
  • Tool to inspect Spectre and Meltdown:
    • https://github.com/Viralmaniar/In-Spectre-Meltdown
    • https://www.kitploit.com/2018/01/spectre-meltdown-checker-spectre.html
    • Verifying Spectre / Meltdown protections remotely
• Status about Anti-Virus or end point protection product here

My obvious recommendations are to patch ASAP, but as we know it is not so obvious. Maybe you can start by patching web browser and apply correct settings, there will be some exploit in the wild in a couple of hours/days. Another important information is the relationship between Anti-Virus and windows patches, there are some recommendations about this on the MS website

Web browser information

• About Firefox
  • Enter in url field: about:config?filter=privacy.firstparty.isolate
    • Enable the option by setting it to true
  • /!\ Take car with profiles, you have to apply this settings on all of them.
• About Chrome and Chromium
  • Enter in url field: chrome://flags/#enable-site-per-process
  • check for Strict site isolation
    • Enable it
  • Enter in url field: chrome://flags/#shared-array-buffer
    • Disable it
  • restart your web browser.
• You can check your browser here

Patch issues

• AMD CPUs and MS Patch issue
• About performance and PCID

Sources of information

• Twitter
  • @epakskape
  • @msuiche
  • @kerouanton
  • @hacks4pancakes
  • @x0rz
  • @MaliciaRogue
  • @Fox0x01
  • @Dinosn
  • @fenarinarsa
  • @Nixcraft
  • @tomchop_
  • @aionescu
  • @sambowne
  • @gossithedog
  • @pzerger
  • @KitPloit
  • @mhmtkcn
  • @cyb3rops
  • @newsoft
  • @binitamshah
  • @ochsff
  • @qrs
  • @securingapps
• Qualys