Link
Intel  Security Advisory    /     Newsroom    /     Whitepaper
AMD  Security Information
Microsoft  Security Guidance    /     Information regarding anti-virus software    /
 Azure Blog
Amazon  Security Bulletin
Google  Project Zero Blog    /
Need to know
Apple  Apple Support
Mozilla  Security Blog
Red Hat  Vulnerability Response
Debian  Security Tracker
Ubuntu  Knowledge Base
SUSE  Vulnerability Response
Fedora  Kernel update
Qubes  Announcement
LLVM  Spectre (Variant #2) Patch
CERT  Vulnerability Note
MITRE  CVE-2017-5715   /    CVE-2017-5753    /     CVE-2017-5754
VMWare  Security Advisory
Citrix  Security Bulletin
Xen  Security Advisory (XSA-254)   /    FAQ

 

POC de exploração da Vulnerabilidade disponível no Github

https://github.com/paboldin/meltdown-exploit

Fortinet

https://fortiguard.com/psirt/FG-IR-18-002

https://blog.fortinet.com/2018/01/04/fortinet-advisory-on-new-spectre-and-meltdown-vulnerabilities

Status: Ainda em revisão, fortinet classificou como baixo risco

Apple

https://support.apple.com/en-us/HT208394

Cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

Status: Ainda em revisão, mas não confirmou produtos vulneráveis.

Intel

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

Status: Será endereçada pelo S.O.

AWS

https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/

Status: Não há comprometimento em nível de host, mas há em nível de S.O.

Symantec

https://www.symantec.com/blogs/threat-intelligence/meltdown-spectre-cpu-bugs

https://support.symantec.com/en_US/article.TECH248545.html

Status: Incompatibilidade em algumas soluções

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002

(Boletim de Segurança)

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution

(Mitigação Specter)

https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

(Mitigação Meltdown)

Status: Os patches lançados até o momento se restringem à W10 e apenas previem a exploração de vulnerabilidade remotamente.

Observação: Servidores de Hyper V e Remote Desktop possuem maior risco.

VMware

https://blogs.vmware.com/security/2018/01/vmsa-2018-0002.html

Status: ESXi não é vulnerável, no entanto, para que os patches sejam totalmente funcionais na camada é S.O. é necessário instalar patches no ESXi.

Citrix

https://www.citrix.com/blogs/2018/01/04/industry-wide-computer-processor-vulnerability-what-to-know-what-to-do/

https://support.citrix.com/article/CTX231399

Outros Links

http://www.kb.cert.org/vuls/id/584653

https://isc.sans.edu/forums/diary/Spectre+and+Meltdown+What+You+Need+to+Know+Right+Now/23193/

https://azure.microsoft.com/en-us/blog/securing-azure-customers-from-cpu-vulnerability/