Male Rep 2

 

 "Customer's perception is our reality"

Have IT Questions?
Call us now (888) 894-6411

Blog

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

Just a few months after finding themselves in a firmware fiasco, Intel is making news for all the wrong reasons. This issue had the potential to affect the CPU of a device, causing a severe dip in the performance of the device.

In a blog post by a user going by the name Python Sweetness, an issue was reported, describing “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.” This means that, thanks to this bug, the interactions that different programs would have with the CPU would be affected.

Under normal circumstances, a CPU will have two modes that it operates under: kernel, which permits the user to make changes to the computer itself, and user, which is considered a ‘safe’ mode. Python Sweetness discovered a bug that blurred the distinction between the two modes. The bug allowed programs run in user mode to also access kernel mode, possibly allowing malware to access the computer’s hardware.

However, the circumstances have proven to be less dire than they originally appeared. The expectation was that this bug would cause entire processes to shift back and forth between user and kernel mode, hamstringing the speed at which the device would operate. There was also the expectation that this issue would not be able to be resolved without a hardware change.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Android devices had an update pushed on January 5 to provide some mitigations, with more protections coming in later updates. These patches have already been pushed to Google-branded phones, like the Nexus and Pixel lines, and may have been on other Android devices. It doesn’t hurt to check, and if you haven’t been updated, go online and put pressure on your carrier on a public forum.

Google Chrome should be updated with similar mitigations on January 23, with other browsers updating soon after. To help protect yourself until then, have your IT team activate Site Isolation to minimize the chance of a malicious site accessing data from another browser tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

These kinds of issues help to demonstrate the value of an MSP’s, or managed service provider’s, services. MSPs like TWINTEL Solutions are sure to keep themselves informed on the latest developments in IT security and any resolutions they can pass on to businesses like yours, if they don’t implement them on your behalf.

As a result, you and the rest of your team can go about your business without having to concern yourself with solving issues like these, knowing that you can trust the team who is solving it for you. For more ways that an MSP can help keep your business security and operations optimized, reach out to TWINTEL Solutions at (888) 894-6411.

What Does Redundancy Mean for Your Business
Personalities are Key to Successful Networking

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, August 21 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code

Our 10 Benefits

Our 10 Benefits Whitepaper

This whitepaper will evaluate the differences between traditional technical support practices and modern managed IT practices and the pros and cons of both in regards to small and medium-sized businesses.

Download Now!   Need A Consultation?

Tag Cloud

Security Tip of the Week Best Practices Cloud Privacy Technology Business Computing Backup Network Security Hackers Malware Hosted Solutions Google Microsoft VoIP bgc Software Email Mobile Devices roundup nonprofit Disaster Recovery Managed IT Services Data Alert Business Business Continuity Outsourced IT Internet communications Innovation Windows 10 Hardware Smartphones IT Services Ransomware Tech Term Android Saving Money Browser Data Backup Cybercrime Managed IT Services Cloud Computing Efficiency IT Support Computers Computer Server Small Business Productivity Network Internet of Things User Tips Windows BDR Passwords Office Save Money Data Recovery Smartphone Business Management Quick Tips Money Telephone Systems BYOD Social Engineering Managed IT Recovery Cybersecurity IT Support Miscellaneous Mobile Device Management Artificial Intelligence Communication Virtualization Applications Collaboration Vulnerability Productivity Social Media Mobility Gadgets Upgrade Law Enforcement Work/Life Balance Hacking Facebook Phishing Holiday Automation Office 365 Router Office Tips Remote Monitoring Avoiding Downtime Two-factor Authentication Managed Service Provider VPN Health Flexibility Budget Proactive IT Firewall How To Microsoft Office Private Cloud Data Protection App Bandwidth Compliance Bring Your Own Device Wi-Fi Chrome Password History Data Breach Black Market Windows 10 Data Security Workplace Tips Operating System Safety Identity Theft Connectivity HaaS Business Intelligence Redundancy Word Value Apps Remote Computing Mobile Device Google Drive Information Technology Emergency Mobile Computing Cleaning IT Management Big Data Training Workers Physical Security Comparison Document Management Wireless Technology IT Plan Information YouTube Servers Computer Care CES Patch Management Legal Update OneNote Save Time End of Support HIPAA Samsung Encryption Data storage Risk Management Content Management Scam Credit Cards Charger Automobile The Internet of Things Electronic Medical Records Blockchain Windows 7 USB Spam Government Data Management Worker PDF Unsupported Software Solid State Drive Employer-Employee Relationship Computing Infrastructure Keyboard Battery Content Filtering Entertainment Spam Blocking Data Storage Website Marketing Sports SaaS Business Owner Hiring/Firing Infrastructure Paperless Office Staff Regulation Education Smart Technology Network Congestion Amazon Web Services Addiction Windows 10s Voice over Internet Protocol Criminal NIST Excel Apple Remote Work Smart Tech Meetings Software as a Service Hosted Computing Techology Remote Worker Employer Employee Relationship webinar Start Menu Internet Exlporer Unified Communications Password Manager Machine Learning Going Green Multi-Factor Security Digital Signature Two Factor Authentication Online Shopping Cache Public Cloud Cryptocurrency Shadow IT Books IBM Tip of the week iPhone Vendor Management Data loss Assessment HBO Specifications Inventory Wiring Computer Accessories Conferencing Tools Theft Business Mangement HVAC Instant Messaging Trending Managed Service Users IT Consultant Flash User Error Evernote Wireless Internet Safe Mode Hosted Solution Supercomputer Downtime Windows Server 2008 Devices Best Practice Content Settings Screen Mirroring WiFi Wireless Television CrashOverride Outlook Millennials Access Control Bluetooth Netflix Reputation Advertising Gmail Networking Search Audit Data Warehousing Lifestyle Hard Drives Accountants MSP Virtual Reality Leadership Monitor Sync Colocation Wireless Charging Cortana Wire Politics Virtual Assistant Transportation Current Events Robot Fraud Thought Leadership Audiobook Cast Google Docs How to Laptop Public Computer Workforce Authentication Chromecast Customers Mobile Recycling Enterprise Content Management Loyalty Computer Fan Relocation File Sharing Worker Commute Telephony Fiber-Optic Google Apps Smart Office Human Resources Telephone System Benefits Knowledge Regulations Files Amazon Twitter Video Games Unified Threat Management Password Management Troubleshooting Touchpad Frequently Asked Questions Telecommuting Nanotechnology Rootkit Professional Services eWaste FENG Software Tips Humor Practices Augmented Reality NarrowBand Skype Hacker Cables Scalability Experience nonprofits Thank You Congratulations