Meltdown & Spectre

Everything you wanted to know but were afraid to ask

 

What are they and what are the risks? Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It’s really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer in the world, including your workstation and servers.

This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, computer programs are not able to do that because they are isolated from each other and the operating system. This hardware bug breaks that isolation.

So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.

What is being done about this? All computers need to be updated and patched. This is going to take some time, some of the patches are not even available yet. You may have to replace some mission-critical computers as older systems and software are unlikely to receive updates. If you notice an update is available for your anti-virus, web browser, or operating system, it needs to be installed right away.

This issue is a bit complex, but Google, Apple, Microsoft, and Firefox are working to implement a stop-gap to prevent malicious websites from exploiting this bug until an operating system patch is available. You should also be aware that once the patch is available, your computer could incur up to a 30% performance impact. On Windows systems, if your anti-virus is outdated, it may prevent Windows from installing the security fix.

In the meantime, be extra vigilant with security at the top of your mind and Think On It Before You Click On It.

Ref: https://meltdownattack.com/
Announcement originally composed by KnowBe4 and updated by Blueguppie IT.