Forge logo
❮ Return to Incident Remediation

Detect and remediate Meltdown and Spectre

by Puppet
Posted: October 30, 2019

These are vulnerabilities in processors on personal computers, mobile devices, and in the cloud. Follow the steps below to find out if you have affected systems, and fix the vulnerabilities.

Before you begin

  • Ensure your Puppet Remediate instance has access to the systems you want to scan and update.

1. Search for vulnerabilities

Find out if you have Meltdown or Spectre in your systems by opening Puppet Remediate, navigating to Vulnerabilities, and typing the following numbers into the CVE Search box:

Image of CVE search in Puppet Remediate

Meltdown
  1. In the CVE Search box, type: CVE-2017-5754
  2. Press Enter or click Search
Spectre
  1. In the CVE Search box, type: CVE-2017-5753
  2. Press Enter or click Search
  1. In the CVE Search box, type: CVE-2017-5715
  2. Press Enter or click Search

If Meltdown or Spectre are detected continue to the next step.

2. Download the module

Download the Detect and remediate Meltdown / Spectre vulnerability module (as a .tar.gz file) from the Puppet Forge.

3. Add the task

In Puppet Remediate, navigate to 'Manage tasks' and click 'Add tasks'.

Puppet Remediate navigation with Manage Tasks selected

4. Upload the module

Upload the .tar.gz file using the 'Upload a module' feature.

Puppet Remediate Upload a module option

5. Select the vulnerability to remediate

Return to the Vulnerabilities screen, and search again for the CVE(s) that are affecting your systems. Select the vulnerability you wish to remediate.

List of vulnerabilities in Puppet Remediate

6. Review affected nodes

Scroll to the 'Nodes affected' table and click 'Run Task':

  • To update Linux servers, select meltdown::linux_update.
  • To update Windows servers, select meltdown::windows_update.

Run Task dropdown menu with meltdown::linux_update highlighted

Select the appropriate parameter values for the task you selected. Hover over the information symbol for information about each parameter.

Click 'Review nodes'

7. Run the task

Run the task against the affected servers. You can run the task against Windows and Linux servers at the same time.

8. Confirm the remediation

After your next security scan has synced into Remediate, use the search box in Remediate and confirm Meltdown has gone.