Security Procedures Implemented for “Spectre” and “Meltdown” vulnerabilities

Security Procedures Implemented for  “Spectre” and “Meltdown” Vulnerabilities

ESC Region 11 has initiated the process to secure our technology stacks and environments against the recently exposed Intel and AMD vulnerabilities.  These vulnerabilities were made public 1/3/2018 and are commonly referred to as “Spectre” and “Meltdown.”  We are proactively implementing security procedures to protect our customers based on the recommended patches that were released on 1/9/2018 and are dedicated to communicating our current mitigation plans.


This flaw affects CPU chips from Intel and AMD.  These chips are used on most of the world’s computing equipment.  At present, no known attacks have taken place.  We are preparing a plan to patch this vulnerability and have already successfully deployed and tested several patches on systems that we knew would not cause service down-time.  As part of this plan, we will patch the remaining systems in a way that causes the least amount of interruption as possible.  The update process will occur over the next few days in order of importance.  Some of these patches will need to include a reboot as part of the process.  We expect the timeframe of any service disruptions to be minimized to 10-15 minutes based on the necessary system reboots.  We will schedule these critical system reboots over the weekend (1/13/2018 and 1/14/2018).  Non-critical or non-service-affecting reboots are happening as needed to apply the necessary patches.


Impact to customers and users:

Please be aware that you may experience momentary connectivity issues over the weekend as systems are being patched.  We are committed to the security of our systems at ESC Region 11 and during this process we will continue to monitor our systems in a layered approach that includes end-point protection, firewall protection, and intrusion detection measures.  Our team is also actively following development of any corrective measures that need to be taken to protect against other non-intel processor vulnerabilities.


Thank you,

ESC Region 11 IT Support Team