[HITCON FreeTalk 2018 - Spectre & Meltdown vulnerability patching strategy and risk mitigation]
[HITCON FreeTalk 2018 - On the historical baggage of CPU processors]
➠ Talk: Spectre & Meltdown vulnerability patching strategy and risk mitigation
➠ Speaker: gasgas
➠ Shared notes: https://hackmd.io/IYTgRsAMaQTAtAZhAEwGbwCxlgdniAMaIaGECmAjISoWAKzCbBA=?view
➠ Video: https://www.facebook.com/HITCON/videos/1732117933486188/
  1. HITCON Freetalk 20180119: Spectre & Meltdown vulnerability patching strategy and risk mitigation (gasgas)
  2. What do you think information security is!!!? "An information system can be protected 100%."
  3. Actually... information security should be: a process for reducing information-security risk.
  4. Risk = Vulnerability × Threat × Asset (information-security risk)
  5. Spectre & Meltdown response workflow: asset inventory, vulnerability check, testing on a test machine, system backup, DRP drill, apply the patches, keep monitoring.
  6. Part 1: Checking
  7. Vulnerability check: Unix systems
     • Many helpful people have already published checker programs online.
  8. Vulnerability check: Unix systems, reference links
     • [1] https://github.com/speed47/spectre-meltdown-checker
     • [2] https://capsule8.com/blog/detecting-meltdown-spectre-detecting-cache-side-channels/
     • [3] https://www.endgame.com/blog/technical-blog/detecting-spectre-and-meltdown-using-hardware-performance-counters
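The checker scripts linked above report, for each affected system, whether the kernel-side mitigation is in place. As an added example (not part of the talk's slides and not code from the spectre-meltdown-checker project), the following Python reads the per-issue status files that Linux 4.15 and later export under /sys/devices/system/cpu/vulnerabilities/ and turns them into the kind of pass/fail list the response workflow on slide 5 needs before and after patching. The sample file contents are constructed, and the directory path, the three file names, the "Not affected / Mitigation: detail / Vulnerable[: detail]" line format and all helper names are assumptions made for this example.

```python
import re
from pathlib import Path

# Assumed sysfs location and file names (Linux 4.15+ exports one file per issue).
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
VULN_FILES = ("meltdown", "spectre_v1", "spectre_v2")

# Constructed sample contents, not captured from a real host: one line per
# file, in the "Status[: detail]" format assumed above. This host has PTI
# for Meltdown but is still exposed to both Spectre variants.
SAMPLE_SYSFS = {
    "meltdown": "Mitigation: PTI\n",
    "spectre_v1": "Vulnerable\n",
    "spectre_v2": "Vulnerable: Minimal generic ASM retpoline\n",
}

_STATUS_RE = re.compile(r"^(Not affected|Mitigation|Vulnerable)(?::\s*(.*))?$")
_STATE_BY_KEYWORD = {
    "Not affected": "not_affected",
    "Mitigation": "mitigated",
    "Vulnerable": "vulnerable",
}


def classify(line):
    """Map one status line to (state, detail).

    state is 'not_affected', 'mitigated', 'vulnerable' or 'unknown';
    detail is the text after the colon ('' when there is none).
    A None or unparseable line (kernel without the interface, or a
    format this parser does not know) is reported as 'unknown' so it
    is never silently counted as protected.
    """
    text = (line or "").strip()
    match = _STATUS_RE.match(text)
    if not match:
        return "unknown", text
    keyword, detail = match.group(1), match.group(2) or ""
    return _STATE_BY_KEYWORD[keyword], detail


def read_sysfs(sysfs_dir=SYSFS_DIR):
    """Read the three status files; a missing file yields None."""
    contents = {}
    for name in VULN_FILES:
        try:
            contents[name] = (sysfs_dir / name).read_text()
        except OSError:
            contents[name] = None
    return contents


def assess(contents):
    """Return {issue: (state, detail)} for every issue we track."""
    return {name: classify(contents.get(name)) for name in VULN_FILES}


def still_exposed(assessment):
    """Issues that still need action: vulnerable, or status not determinable."""
    return sorted(
        name for name, (state, _) in assessment.items()
        if state in ("vulnerable", "unknown")
    )


if __name__ == "__main__":
    # On a real host replace SAMPLE_SYSFS with read_sysfs().
    result = assess(SAMPLE_SYSFS)
    for issue, (state, detail) in result.items():
        print(f"{issue:<11} {state:<13} {detail}")
    print("still exposed:", still_exposed(result))
```

Re-running the same assessment after applying the microcode, BIOS and OS updates covered later in the deck gives a direct before/after comparison for the "keep monitoring" step; an `unknown` result means the kernel predates this interface and another checker is needed rather than that the host is safe.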
  9. Vulnerability check: Windows systems
     • Microsoft provides a program to verify whether the protection is in effect.
     • Apply the 2018.01.03 vulnerability update first.
     • Download SpeculationControl (PowerShell).
  10. Vulnerability check: Windows systems, reference links
     • [1] https://support.microsoft.com/en-gb/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
     • [2] https://support.microsoft.com/en-us/help/4073757/protect-your-windows-devices-against-spectre-meltdown
  11. Vulnerability check: browser
  12. Vulnerability check: browser, reference links
     • [1] http://xlab.tencent.com/special/spectre/spectre_check.html
     • [2] https://github.com/cgvwzq/spectre
     • [3] http://xlab.tencent.com/special/spectre/js/check.js
  13. Part 2: Patching
  14. CPU-level patch: replace the CPU
  15. CPU-level patch: firmware update
     • Intel's microcode update
     • AMD will make optional microcode updates
  16. CPU-level patch, reference links
     • [1] https://downloadcenter.intel.com/download/27431/Linux-Processor-Microcode-Data-File
     • [2] https://www.amd.com/en/corporate/speculative-execution
     • [3] https://www.theverge.com/2018/1/11/16880922/amd-spectre-firmware-updates-ryzen-epyc
     • [4] https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf
  17. BIOS-level patch
     • Mainly for notebooks and similar machines.
     • See each vendor's official website.
  18. BIOS-level patch, reference links
     • Lenovo Desktop https://support.lenovo.com/tw/en/solutions/len-18282#desktop
     • Lenovo ThinkPad https://support.lenovo.com/tw/en/solutions/len-18282#thinkpad
     • Lenovo all products https://support.lenovo.com/tw/en/solutions/len-18282
     • Dell http://www.dell.com/support/article/tw/en/twdhs1/sln308587/
     • CERT/CC https://www.kb.cert.org/vuls/id/584653
  19. OS-level patch
     • Windows
     • Linux
     • macOS
     • others
  20. Application-level patch
     • Recompile the program.
     • Google's Retpoline approach
     • Available in a GCC version and an LLVM version
     • Microsoft's MSVC approach
     • Visual Studio 2017 version 15.5, /Qspectre option
  21. Application-level patch, reference links
     • [1] https://support.google.com/faqs/answer/7625886
     • [2] https://blogs.msdn.microsoft.com/vcblog/2018/01/15/spectre-mitigations-in-msvc/
     • [3] LLVM https://reviews.llvm.org/D41723
     • [4] GCC http://git.infradead.org/users/dwmw2/gcc-retpoline.git/shortlog/refs/heads/gcc-7_2_0-retpoline-20171219
  22. Finally, a reminder for everyone
  23. All patches must be downloaded from the official websites.
  24. Oh... one more slide
  25. New vulnerabilities are taking shape.......
zllin001, Jun. 24, 2018