Content, Breach, Channel partners, Content

SolarWinds: Meltdown, Spectre Security Patches Drive CPU Utilization

Initial Meltdown and Spectre microprocessor vulnerability patches raised CPU utilization and lowered throughput, according to an analysis of Amazon Web Services (AWS) instances conducted by IT monitoring and management software company SolarWinds.

Key findings from the SolarWinds analysis included:

  • The AWS Meltdown and Spectre security patch rollout impacted most tiers of the SolarWinds platform, including SolarWinds' EC2 infrastructure and AWS managed services (RDS, Elasticache and VPN Gateway).
  • Packet rates dropped up to 40 percent when patches were deployed for Kafka, an Apache open-source stream processing platform used across SolarWinds Cloud for logs, metrics and traces.
  • CPU spikes hit roughly 25 percent CPU on Cassandra m4.2xlarge instances; SolarWinds leverages Cassandra for TSDB storage. Meanwhile, similar spikes took place on other instance types.

Meltdown and Spectre patches likely will continue to impact performance for any business running infrastructure at scale, SolarWinds said in a prepared statement. As such, organizations must adapt their software engineering disciplines to address potential system performance changes, SolarWinds stated, and continue to build distributed systems.

SolarWinds Helps Organizations Address Security Vulnerabilities

SolarWinds provides tools that MSSPs can use to help customers identify and address faulty Meltdown and Spectre security patches, and these tools include:

  • Network Configuration Manager (NCM): Automates network configuration and compliance and helps users roll out upgrades/updates that need to be applied to impacted network devices.
  • Network Performance Monitor: Provides advanced network monitoring for on-premises, hybrid and cloud services.
  • Patch Manager: Enables end users to install Microsoft patches on their Windows machines and schedule and report on Windows devices regarding updates.
  • Server & Application Monitoring (SAM): Helps users detect application anomalies after patches are applied.

The aforementioned tools enable organizations to set up threshold alerting and monitoring on critical devices, SolarWinds noted in a prepared statement. In addition, these tools allow organizations to track security vulnerabilities, SolarWinds indicated, and verify patching.

A Closer Look at the Meltdown and Spectre Security Patches

Intel last week identified three issues in Meltdown and Spectre security patches released for firmware software that is installed directly on its processors, according to The Wall Street Journal. The company has advised computer makers and cloud providers to hold off from using its firmware update and is working with customers to address the problems.

Brian Krzanich, Intel's CEO, vowed to update at least 90 percent of Intel CPUs introduced in the past five years by January 15,  according to a prepared statement. Intel also plans to release updates for the remainder of these CPUs by the end of January, Krzanich said.

Intel released details about the Meltdown and Spectre security bugs earlier this month. Meltdown and Spectre may cause higher system reboots after end users apply firmware updates, and impacted systems include those running Intel Broadwell and Haswell CPUs.

Meltdown and Spectre allow database applications, JavaScript, web browsers and other administrator and user programs to identify the layout or contents of protected kernel memory areas, The Register reported. They also enable malware and hackers to more easily exploit other security bugs.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.