Critical SQL Server Patches for Meltdown and Spectre

Two newly disclosed vulnerabilities, Meltdown and Spectre, can put your SQL Server at risk of attack. The following summary lets you review the situation and decide how to patch your systems. All SQL DBAs need to act: make sure you have backups and protect your current systems.


SQL Server Versions Affected

This is a hardware issue, so every system is affected. SQL Server running on x86 and x64 for these versions:

  • SQL Server 2008
  • SQL Server 2008R2
  • SQL Server 2012
  • SQL Server 2014
  • SQL Server 2016
  • SQL Server 2017
  • Azure SQL Database

It is likely that SQL Server 2005, SQL Server 2000, SQL Server 7 and SQL Server 6.5 are all affected. No SQL Server patches are coming for them because of their age; they have been out of commission for the past few years.

Note: according to Microsoft, IA64 systems are not believed to be affected. If you have SQL Server 2008, 2008 R2, 2012, 2014 you’ll have to wait on SQL Server patches.  You can continue to visit the Microsoft web site for when the patches will become available.

SQL Server Patches

There is a KB (4073225) that discusses the attacks. You can read that in

Here are the patches as of this time:

We will update as more patches become available.

OS Patches

The Windows KB for guidance is 4072698.

Here are the OS patches that I’ve been able to find.

Apple Offers Apology, Replacement Deal for Tired iPhone Batteries

Apple has finally told everyone that they slowed down your smart devices because the batteries could no longer perform up to speed. iPhone users also got a $29 battery replacement deal.

Message sent

The message sent to all users had the following:

“We know that some of you feel Apple has let you down, we apologize.”

“First and foremost, we have never—and would never—do anything to intentionally shorten the life of any Apple product, or degrade the user experience to drive customer upgrades, Our goal has always been to create products that our customers love, and making iPhones last as long as possible is an important part of that.”

Purchase a replacement battery

The apology does little for anyone who paid between $600 and $900 for a device only to find out there is only so much that can be done. What iPhone users get is the $29 battery deal, which allows owners of the iPhone 6 and later to replace the batteries in their phones at a $50 discount. The deal lasts for a year, after which Apple will apparently hike the replacement cost back up to $79. As always, the push to update iOS came up as well.

The apology stops short of saying sorry for slowing your device, nor does it admit that the battery stinks, which everyone already knew. This is why a class action suit was filed on December 21st in Los Angeles, with Chicago and New York getting involved as well.

Users of iPhones older than the iPhone 6, iPads and MacBooks aren’t included in the battery deal. However, Apple does offer battery life extension tips for these devices.

 

Microsoft releases PowerShell script for purpose of testing of Meltdown and Spectre

PowerShell

With the latest news about possible attacks on your computer hardware, Microsoft has jumped in with a PowerShell script that gives a user basic knowledge of whether they are vulnerable. Baron Software followed the guidelines and can attest that it works and provides the end user with information, but it doesn't really tell the end user what to do. This is almost like being in a bomb shelter waiting for the explosion to happen.

Commendable for Microsoft

Microsoft at least gave us something to work with while hardware manufacturers come up with a plan for protecting the end user. That should happen in the next few weeks to months, but be aware that the countless people with older equipment that is no longer supported may be left out.

3 Point Plan

  1. Verify that you are running a supported antivirus application before you install OS or firmware updates.   Make sure you have the latest Anti-Virus software installed and updates are applied.
  2. Apply all available Windows operating system updates, including the January 2018 Windows security updates.
  3. Apply the applicable firmware update that is provided by the device manufacturer.  Wait until the manufacturer issues the release and you review it.  Do not apply it out of fear: if the firmware is updated and a problem occurs, the machine can become unusable.

Remember the attacks can only occur if you allow applications from the outside to be executed on the computer as well as leaving it open to the internet by keeping your router unprotected.

Windows PowerShell

The following steps were performed on a Windows 10 Professional machine so be aware of what operating system you have installed.  This does not hurt or disable anything but instead provides information.

  1. Press the Windows key and type PowerShell.
  2. Right click the PowerShell shortcut and select Run as Administrator.
  3. Type Install-Module SpeculationControl and press Enter.
  4. If you are prompted to install the NuGet provider, type Y and press Enter, and repeat if you are warned about installing from an untrusted repository.
  5. With the installation complete, type Import-Module SpeculationControl and press Enter.
  6. Type Get-SpeculationControlSettings and press Enter.

When executing these steps, there is a possibility that the execution policy will not allow it.  Microsoft provides the following information on setting the execution policy for the current user or machine. Once again, it does not damage anything and you can revert the policy.

The following commands save the current policy, run the script, and then revert the policy.

    # Save the current execution policy so it can be restored afterwards
    $SaveCurrentExecutionPolicy = Get-ExecutionPolicy

    # Allow signed scripts to run for the current user only
    Set-ExecutionPolicy AllSigned -Scope Currentuser

    # Load the module and print the mitigation status
    Import-Module SpeculationControl
    Get-SpeculationControlSettings

    # Reset the execution policy to the original state
    Set-ExecutionPolicy $SaveCurrentExecutionPolicy -Scope Currentuser

Get-SpeculationControlSettings Output

What does this all mean?  The output displayed below shows that the machine this was executed on needs a firmware update, which is on hold until the vendor gets back.

Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID performance optimization is enabled: True [not required for security]

Suggested actions

* Install BIOS/firmware update provided by your device OEM that enables hardware support for the branch target injection mitigation.

BTIHardwarePresent : False
BTIWindowsSupportPresent : True
BTIWindowsSupportEnabled : False
BTIDisabledBySystemPolicy : False
BTIDisabledByNoHardwareSupport : True
KVAShadowRequired : True
KVAShadowWindowsSupportPresent : True
KVAShadowWindowsSupportEnabled : True
KVAShadowPcidEnabled : True
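
The script reports status but leaves the next step to the reader, so here is an added example (not part of Microsoft's module or the original post) that turns the fields shown above into a list of remaining actions. Get-SpeculationGap is a hypothetical helper name, and the sample object is constructed from the output above so the code runs without the module installed.

```powershell
# Added example: maps the Get-SpeculationControlSettings fields shown above to next steps.
# Get-SpeculationGap is a hypothetical helper name, not part of the SpeculationControl module.
function Get-SpeculationGap {
    param([Parameter(Mandatory, ValueFromPipeline)] $Settings)
    process {
        $todo = [System.Collections.Generic.List[string]]::new()
        # CVE-2017-5715 (branch target injection): needs OS support AND CPU firmware support.
        if (-not $Settings.BTIWindowsSupportPresent) {
            $todo.Add('Install the January 2018 (or later) Windows security update.')
        }
        if (-not $Settings.BTIHardwarePresent) {
            $todo.Add('Install the OEM BIOS/firmware update once the vendor releases it.')
        }
        if ($Settings.BTIDisabledBySystemPolicy) {
            $todo.Add('BTI mitigation is turned off by system policy; review that setting.')
        } elseif ($Settings.BTIWindowsSupportPresent -and $Settings.BTIHardwarePresent -and
                  -not $Settings.BTIWindowsSupportEnabled) {
            $todo.Add('BTI support is present but not enabled; check the mitigation settings.')
        }
        # CVE-2017-5754 (rogue data cache load): only matters if the CPU requires KVA shadowing.
        if ($Settings.KVAShadowRequired) {
            if (-not $Settings.KVAShadowWindowsSupportPresent) {
                $todo.Add('Install the Windows update that adds kernel VA shadow support.')
            } elseif (-not $Settings.KVAShadowWindowsSupportEnabled) {
                $todo.Add('Kernel VA shadow is present but not enabled; check the mitigation settings.')
            }
        }
        # KVAShadowPcidEnabled is a performance optimisation only, so it is not checked.
        [pscustomobject]@{ FullyMitigated = ($todo.Count -eq 0); Actions = $todo.ToArray() }
    }
}

# Constructed sample: the values from the output shown above, so this runs without the module.
$sample = [pscustomobject]@{
    BTIHardwarePresent = $false; BTIWindowsSupportPresent = $true
    BTIWindowsSupportEnabled = $false; BTIDisabledBySystemPolicy = $false
    BTIDisabledByNoHardwareSupport = $true
    KVAShadowRequired = $true; KVAShadowWindowsSupportPresent = $true
    KVAShadowWindowsSupportEnabled = $true; KVAShadowPcidEnabled = $true
}
$sample | Get-SpeculationGap | Format-List
# On a live system: Get-SpeculationControlSettings | Get-SpeculationGap
```

For the sample values the only remaining action is the firmware update, which matches the suggested action in the output above.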

Now you have a taste of what PowerShell can do for you. It is installed on most machines with the latest operating systems and is a valuable replacement for the good old DOS commands.  Go ahead and review what was written to prepare your workplace for safety.

How to Protect Your Home Router from Attacks

Protecting everything at your home is essential to your daily life at this point.  You are now using a router in your home for everything from smart devices (iPads, iPhones, Android devices) to printers and workstations. Now is the time to follow these simple instructions.

Choosing a router

You get what you pay for.  It is a simple rule: go cheap and you can expect anybody on the outside to attack your internal network.  Keep in mind that you want a solid piece of equipment that provides you with the utmost security and shuts out users from the outside.

Change the default admin password

Everybody makes the mistake of not changing a default password when installing a new router.  Big mistake.  Keeping the default password simply allows outside attackers to log into your router and inflict damage.  Choose a strong password and, if given the option, also change the username for the default administrative account.

Secure the administrative interface

Many routers allow users to expose the admin interface to the internet for remote administration and some older devices even have it configured this way by default. This is a very bad idea even if the admin password is changed, because many of the vulnerabilities found in routers are located in their web-based management interfaces.

 

Shutting down services not needed

Services like Telnet and SSH (Secure Shell) that provide command-line access to devices should never be exposed to the internet and should also be disabled on the local network unless they’re actually needed. UPnP service should never be exposed to the internet as well.  In simple terms, keep only the services you need open otherwise close them down.

Secure, Secure and Secure more

Make sure you set up your router with a robust password that is difficult to crack but easy enough for you to remember.  Use alphanumeric characters as well as special characters and finally upper and lower case mix.  If you do not need the guest account to be open then close it.

Additional information can be located here

 

 

 

 

Meltdown and Spectre vulnerabilities

Recently, two critical vulnerabilities were discovered in modern processors. Dubbed “Meltdown and Spectre”, these processor chip vulnerabilities are found on personal computers, mobile devices, and in the cloud.

What is Meltdown

Meltdown exploits a flaw in out-of-order execution, a performance feature found in many modern processor chips. The researchers who discovered it have confirmed that it affects every Intel processor since 1995 (with the exception of pre-2013 Intel Itanium and Intel Atom processors). However, they added that it remains unclear whether ARM and AMD processors are also affected by the vulnerability.

If successfully exploited, an attacker can obtain a copy of the entire kernel address space, including any mapped physical memory, in other words, any data stored in memory at the time of the attack.

What is Spectre

Spectre has a similar outcome but works in a slightly different way, and exploits a flaw in processor design to trick an application into leaking information stored in memory.

According to the team who discovered Spectre, virtually all modern processors are affected by the vulnerability, including Intel, AMD, and ARM chips. Once again, the vulnerability is operating system agnostic.

Now, the best thing to do at this point is to make sure your workstations are up to date with anti-virus packages and be careful with installing applications from unknown vendors as well as attachments.

Get the latest Anti-virus package.

Baron Software does recommend using the Symantec/Norton anti-virus package due to its reliability and the updates provided.  The support team at Symantec works countless hours to provide security, but you need to understand that if you allow an application to be installed then nothing will help you but a removal tool.

 

ZDNet predicts will 2018 see the death of printers and email in the workplace?

As expected, the latest predictions are coming out of the woodwork.  ZDNet has predicted that the end of email and the printer in the workplace will occur in the near future.  Baron Software predicts that neither will be gone for at least another 10 to 15 years.  This theory is based solely on government agencies that still have to provide letters as well as documents for the people.

Sure, people can open PDFs on their terminals to review a document, but the old hard copy still has to be provided for internal meetings, letters, manuals, etc.  People tend to use their smart devices a lot more to reduce the amount of reading, and this changes with each generation.

Older or Younger time to deal with it.

The older workforce still has to review printed documents for the most part, and they are still the only people who purchase newspapers and books.

ZDNet uses the 2017-2018 State of Enterprise Work Report to back the claim that productivity drops when a worker needs to review emails coming from various people, which can take up a solid amount of time.  This argument has gone on for the past 5 years, and a company actually needs to understand how to make email work for it by laying the groundwork to reduce the static generated by various parties.  As you may know, multiple people within an email trail will add comments, extending the email's life cycle.  The company should teach that the initial email should not request comments or thoughts; that should be done in a meeting instead.  From there, delegate the person who will be heading the group for that particular project.

The minute the original email opens up a conversation on thoughts or ideas, it can generate numerous time-wasting emails with no thought pattern or that are just complaining.

Final thoughts or should I send you an email?

Within the organizations or corporate world there are groups that tend to do things for political reasons for additional power or to enforce the demise of a leader.  The company should teach employees how to reduce the amount of unnecessary emails as well as printing out pages for no reason.  Keep it simple and productivity will increase.

There could be books written on this type of subject, but would it be done electronically?