shutterstock 9311 TEST SIZE V3 051016

 

 "Fast Response Times and Resolutions."

Have IT Questions?
Call us now (888) 894-6411

TWINTEL Solutions Blog

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

Just a few months after finding themselves in a firmware fiasco, Intel is making news for all the wrong reasons. This issue had the potential to affect the CPU of a device, causing a severe dip in the performance of the device.

In a blog post by a user going by the name Python Sweetness, an issue was reported, describing “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.” This means that, thanks to this bug, the interactions that different programs would have with the CPU would be affected.

Under normal circumstances, a CPU will have two modes that it operates under: kernel, which permits the user to make changes to the computer itself, and user, which is considered a ‘safe’ mode. Python Sweetness discovered a bug that blurred the distinction between the two modes. The bug allowed programs run in user mode to also access kernel mode, possibly allowing malware to access the computer’s hardware.

However, the circumstances have proven to be less dire than they originally appeared. The expectation was that this bug would cause entire processes to shift back and forth between user and kernel mode, hamstringing the speed at which the device would operate. There was also the expectation that this issue would not be able to be resolved without a hardware change.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Android devices had an update pushed on January 5 to provide some mitigations, with more protections coming in later updates. These patches have already been pushed to Google-branded phones, like the Nexus and Pixel lines, and may have been on other Android devices. It doesn’t hurt to check, and if you haven’t been updated, go online and put pressure on your carrier on a public forum.

Google Chrome should be updated with similar mitigations on January 23, with other browsers updating soon after. To help protect yourself until then, have your IT team activate Site Isolation to minimize the chance of a malicious site accessing data from another browser tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

These kinds of issues help to demonstrate the value of an MSP’s, or managed service provider’s, services. MSPs like TWINTEL Solutions are sure to keep themselves informed on the latest developments in IT security and any resolutions they can pass on to businesses like yours, if they don’t implement them on your behalf.

As a result, you and the rest of your team can go about your business without having to concern yourself with solving issues like these, knowing that you can trust the team who is solving it for you. For more ways that an MSP can help keep your business security and operations optimized, reach out to TWINTEL Solutions at (888) 894-6411.

What Does Redundancy Mean for Your Business
Personalities are Key to Successful Networking
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, February 20 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab this Article!

QR-Code

Our 10 Benefits

Our 10 Benefits Whitepaper

This whitepaper will evaluate the differences between traditional technical support practices and modern managed IT practices and the pros and cons of both in regards to small and medium-sized businesses.

Download Now!   Need A Consultation?

Tag Cloud

Security Tip of the Week Best Practices Technology Cloud Privacy Business Computing Hackers Network Security Hosted Solutions Backup Malware Mobile Devices Google Data VoIP Microsoft Disaster Recovery Business Business Continuity bgc communications Email roundup nonprofit Internet Software Alert User Tips IT Services Innovation Outsourced IT Managed IT Services Hardware Smartphones Data Backup Productivity Tech Term Windows 10 Managed IT Services Browser Saving Money Smartphone Data Recovery Cloud Computing Efficiency Ransomware Server Computer Android IT Support Workplace Tips Cybercrime Internet of Things Small Business Business Management Network BDR Communication Computers IT Support Office Productivity Cybersecurity Miscellaneous Windows Quick Tips Passwords Artificial Intelligence Save Money Holiday Telephone Systems Applications BYOD Chrome Managed IT Router Recovery Windows 10 Mobile Device Money Social Engineering Mobility Gadgets Mobile Device Management Office 365 Social Media Virtualization Automation Collaboration Upgrade Law Enforcement Hacking Phishing Facebook Proactive IT Firewall Private Cloud Vulnerability Health Wi-Fi Work/Life Balance Password How To Word Microsoft Office Remote Monitoring Compliance Managed Service Provider Google Drive Information Data Protection VPN Budget Flexibility Office Tips Two-factor Authentication Avoiding Downtime Bandwidth Bring Your Own Device App Business Intelligence Mobile Computing Value Spam Safety Connectivity Information Technology HaaS Save Time History Encryption Managed Service Black Market Data Breach Voice over Internet Protocol Apps Software as a Service Operating System Remote Computing Data Security Keyboard Servers Identity Theft Settings Redundancy Sports Scam Business Owner Electronic Medical Records Credit Cards Infrastructure Paperless Office Emergency WiFi Big Data Government Wireless Technology Worker PDF Document Management Employer-Employee Relationship Windows 7 Fraud Computing Infrastructure Machine Learning Google Docs Solid State Drive YouTube Legal Unified Threat Management Spam Blocking Marketing Unsupported Software HIPAA Telephony CES Hiring/Firing Risk Management Hacker SaaS Data Storage Website Cleaning Training Workers Physical Security Content Management Automobile The Internet of Things Access Control IT Management Computer Care Comparison USB Blockchain Virtual Assistant Patch Management Data Management End of Support OneNote IT Plan Entertainment Data storage Samsung Battery Content Filtering Update Charger Human Resources Telephone System NarrowBand Nanotechnology Camera Bluetooth Netflix Scalability Experience Flash Evernote Reputation Advertising eWaste Password Management Television CrashOverride Security Cameras Trending Leadership Windows Server 2008 Monitor Colocation Audit Help Desk Education Screen Mirroring Hard Drives Practices Augmented Reality Outlook Millennials Robot Addiction Staff Regulation Transportation Current Events Net Neutrality Lifestyle Smart Tech Printers Sync Wireless Charging Customers Criminal Going Green NIST Public Computer Botnet Techology Data Warehousing Password Manager Loyalty Computer Fan Shortcuts Cast Relocation Hosted Computing Remote Worker ISP Workforce Files Cache Shadow IT Books Mobile Digital Signature Benefits Knowledge Warranty Rootkit Instant Messaging Fiber-Optic Cryptocurrency Smartwatch Inventory Wiring Regulations Amazon Business Mangement HVAC FENG Social Users Humor Best Practice Content Frequently Asked Questions Telecommuting Wireless Internet Windows 10s Microchip Hosted Solution Professional Services Smart Technology Network Congestion Software Tips Apple Devices Printer Search Skype Cables Safe Mode Employee Employer Employee Relationship webinar Politics Amazon Web Services Internet Exlporer Gmail Networking Vendor Virtual Reality Two Factor Authentication Audiobook Excel Remote Work Cortana Wire Public Cloud Search Engine Meetings Accountants MSP iPhone Chromecast Thought Leadership Mouse Vendor Management How to Start Menu Unified Communications Laptop IBM Digital Signage Authentication Computer Accessories Conferencing Online Shopping Recycling Enterprise Content Management Assessment Display Worker Commute Multi-Factor Security IT Consultant Video Games Tip of the week User Error Google Apps Smart Office Bing Data loss File Sharing HBO Specifications Downtime Twitter Administrator Troubleshooting Tools Theft Wireless Touchpad Supercomputer Google Search nonprofits Thank You Congratulations GDPR E-Commerce