Stay Alert & Action for CPU Multiple Vulnerabilities (aka Meltdown and Spectre)

Multiple Vulnerabilities were identified in CPUs, a remote attacker can exploit these vulnerabilities to bypass security restriction and get sensitive information from the targeted system. They work on personal computers, mobile devices, and in the cloud.

Vulnerability

Vulnerability Note VU#584653

Affected Systems

All systems using Intel, AMD or ARM CPU processors may be affected.

Your Immediate Action

• Stay alert of these critical vulnerabilities.
• Please note that patches will be provided by each vendor and might be applied to some specific version only. So please make sure to install available patches to OS and application.
• Please keep anti-virus software up-to-date all the time.
• At the time being, you may review additional information at Microsoft’s Advisory. ITSC will communicate with LAN admin in more technical details separately.
• Staff users may further seek assistance from LAN admin.
• Due to these critical vulnerabilities, for timely fixing, some services may require to be restarted. This may induce potential services interruption. Though notice will be issued, it may not be well in advance.

Reference:

• https://www.hkcert.org/my_url/en/alert/18010401
• https://www.us-cert.gov/ncas/current-activity/2018/01/03/Meltdown-and-Spectre-Side-Channel-Vulnerabilities
• https://www.kb.cert.org/vuls/id/584653

Enquiry

• Department IT Support (For Staff only)
• ITSC Service Desk
  • ITSC Service Desk: http://servicedesk.itsc.cuhk.edu.hk
  • Phone: 3943 8845 (Office Hours)

Updated on: 10 Jan 2018