With news that every modern model version of Intel Processors is a victim of a massive security vulnerability, it is important to understand what Spectre and Meltdown are and how they might impact you.
Spectre and Meltdown are two hardware bugs that have the capability to compromise your valuable data to cyber attackers. These modern processors do not effectively check for permissions and as a result leak information.
Through a complicated series of exploits in most modern CPUs, attackers could gain access data currently being processed on the computer and capture glimpses of protected parts of data embedded within the kernel memory. This might include passwords or business-critical information. Both Meltdown and Spectre can attack PCs, mobile devices, and the cloud so very little is immune from these attacks and are difficult to detect either on your system.
These vulnerabilities can also access data processed by other applications on the same physical machine, and they don’t leave any traces in log files, and traditional antivirus software cannot identify them. Malicious software running on your computer can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents.
While this could have been easily patched if it had been a software issue, being hardware based bugs means the impact is far more severe. This leaves everything running on these processors vulnerable to exploitation.
As of now, no exploitation of Spectre and Meltdown has been reported but safety precautions have to be taken regardless.
At this point, all major service providers have begun looking into resolving the issues. Microsoft has currently patched Windows 10 with Windows 7 and 8 going to be patched shortly. Amazon Elastic compute cloud is also patched and secured. Furthermore, Intel has also designed a new set of CPU hardware features to work with the operating software that helps create a virtual fence to protect your data.
While companies can do their best to stay on top of the situation, you as a small business need to stay on top of the situation too.
Fortunately, the steps to ensure your systems are protected are not difficult to implement. By following the steps below you can ensure that your business is less susceptible to “Spectre and Meltdown” vulnerabilities:
- Update your operating system: Patching your software whether it is Windows or Mac is critical. You can do that by simply following the instructions when prompted to update.
- Update the Firmware of the CPU chip: You will need to download and install updates that come directly from the manufacturer of your PC. Updates for these can be found in the software updates section of your computer.
- Update your web browser. Updates to your browser can be performed when prompted by the software to update.
By keeping your systems up to date you eliminate the risk of being vulnerable to Spectre and Meltdown.
If you have any concerns about Meltdown, Spectre, or patch management please contact us for assistance to help you protect your computers.