Skip to content

Instantly share code, notes, and snippets.

@mtigas

mtigas/01.md

Last active January 6, 2018 00:40
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mtigas/986fd27f51270fd9d14ca57cf7e45f78 to your computer and use it in GitHub Desktop.
Save mtigas/986fd27f51270fd9d14ca57cf7e45f78 to your computer and use it in GitHub Desktop.
Download ZIP
some notes about meltdown & spectre patches
Raw
01.md

(originally from a tweet thread: https://twitter.com/mtigas/status/949337073495916544 )

updated january 5, 2018; 12:47 US Eastern Time

ok here's a rough list of links i have collected about patches for meltdown / spectre https://kb.cert.org/vuls/id/584653 , that i sort of compiled for my own reference but figure others might want. (info as of this morning, january 5. might have mistakes, use at own risk, etc)

MacOS High Sierra 10.13.2+, Sierra 2017-002 security update, and El Capitan 2017-005 security update mitigate meltdown:
https://support.apple.com/en-us/HT208394
https://support.apple.com/en-us/HT208331

iOS 11.2+ mitigates meltdown:
https://support.apple.com/en-us/HT208394
https://support.apple.com/en-us/HT208334

Windows 7, 8, 10 patches are out, mitigating meltdown:
https://support.microsoft.com/help/4073119

Android "January 2018" security patch level mitigates meltdown:
https://support.google.com/faqs/answer/7622138#android

Fx 57 patched, mitigating spectre
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

Chrome 64 (January 23) will mitigate spectre; can optionally mitigate now — “Strict Site Isolation” in chrome://flags
https://support.google.com/faqs/answer/7622138#chrome

Safari update "in the coming days" to mitigate spectre
https://support.apple.com/en-us/HT208394

Ubuntu kernel updates by Jan 9, for 17.10, 16.04 LTS, 14.04 LTS, mitigating meltdown:
https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/

Debian stable has an updated kernel out, mitigating meltdown:
https://www.debian.org/security/2018/dsa-4078

AWS has patched the host hardware for EC2 boxes:
https://aws.amazon.com/security/security-bulletins/AWS-2018-013/

Raw
02.asc
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
(originally from a tweet thread: https://twitter.com/mtigas/status/949337073495916544 )
updated january 5, 2018; 12:47 US Eastern Time
ok here's a rough list of links i have collected about patches for meltdown / spectre https://kb.cert.org/vuls/id/584653 , that i sort of compiled for my own reference but figure others might want. (info as of this morning, january 5. might have mistakes, use at own risk, etc)
- ---
MacOS High Sierra 10.13.2+, Sierra 2017-002 security update, and El Capitan 2017-005 security update mitigate meltdown:
https://support.apple.com/en-us/HT208394
https://support.apple.com/en-us/HT208331
iOS 11.2+ mitigates meltdown:
https://support.apple.com/en-us/HT208394
https://support.apple.com/en-us/HT208334
Windows 7, 8, 10 patches are out, mitigating meltdown:
https://support.microsoft.com/help/4073119
Android "January 2018" security patch level mitigates meltdown:
https://support.google.com/faqs/answer/7622138#android
Fx 57 patched, mitigating spectre
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
Chrome 64 (January 23) will mitigate spectre; can optionally mitigate now — “Strict Site Isolation” in `chrome://flags`
https://support.google.com/faqs/answer/7622138#chrome
Safari update "in the coming days" to mitigate spectre
https://support.apple.com/en-us/HT208394
Ubuntu kernel updates by Jan 9, for 17.10, 16.04 LTS, 14.04 LTS, mitigating meltdown:
https://insights.ubuntu.com/2018/01/04/ubuntu-updates-for-the-meltdown-spectre-vulnerabilities/
Debian stable has an updated kernel out, mitigating meltdown:
https://www.debian.org/security/2018/dsa-4078
AWS has patched the host hardware for EC2 boxes:
https://aws.amazon.com/security/security-bulletins/AWS-2018-013/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEGzfVMu3Uhpsce8OaFLh4upXaaEoFAlpPutgACgkQFLh4upXa
aErLpBAAnABFpNkGDgo/ym5ItsMmHW376PdBFs5/u/0Tb+hTNxof8cNwmb2eDQie
fCgDrz0H4SSgn+Pwc+0YWjpQh++aIGFH47odvqBel8tJOFwEtKzG27j0WIdXfOpO
/exHuDvKtdIpW9Z8iXrP53a8TGGu9r0g+k15DDfWzPMJWYlJbBmaDjWmo5rQSaIZ
xyTXHmyv/51SEaksteIG9X5nTVRgu7s38R1sz1ouX/Wo9fLIlalzSdRz+VbrXFMU
/c0Kp0YyOlWGkWvWJZRRb96yLsauzpVSCFXb3aiqAI1GYgLizGV+TbbZWTrNB2zu
hzTwVlsEMA/eGurIufUiRrS/1gaeJDZugQE4eDFQ7NJx2s1ff81fHC2frSC5KN9+
cS/m52LWvHTY43X10ZfkrwKheTo9wtFWh1TZJKqCOITQO8ojSK1XEqyl1JyvVIyv
MP9fIZp7rtmwSCASfEFbZPdp1BWUSlprp5QmHVHom1kFHgVtLvOgXBIFFpMJNeqc
fGcE9IKmh49uWXc9mRAl05Mld9G+dnBSMUfzkxZWDPB0dp88lCPQ7w7Ned8KxFBV
vBEODYMWGbBZ9Vf8pced/fjazRKjhoa9MsmiFKXgO3So6zH1HyTzPPEWMJ4GdrPr
H/IhFzylJ9zY6aUuUAl0uYhAlBwLiWyczxa53TGkuR6atTEwYkKIdQQBFgoAHRYh
BItGQY5yqiNW39CiWcLRWFA2AC2TBQJaT7rZAAoJEMLRWFA2AC2TyU0A/AxIJ/TX
Md4hyobMloEt9mkGWq93hD21V8kLZ/H5XfmcAP9W5El+/BIWn8Ain7j9EZ0TE/2a
nTN0lcBJy0PeNEYXDQ==
=8XI6
-----END PGP SIGNATURE-----
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment