Female Rep1

 

 "99% Positive Customer Satisfaction Rate"

Have IT Questions?
Call us now (888) 894-6411

Blog

TWINTEL Solutions has been serving the Orange County, Los Angeles County, Riverside County, and San Diego County, areas. Since 2005, TWINTEL has provided IT Support such as technical help desk support, computer support, and overall IT consulting to small and medium-sized businesses.

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

Just a few months after finding themselves in a firmware fiasco, Intel is making news for all the wrong reasons. This issue had the potential to affect the CPU of a device, causing a severe dip in the performance of the device.

In a blog post by a user going by the name Python Sweetness, an issue was reported, describing “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.” This means that, thanks to this bug, the interactions that different programs would have with the CPU would be affected.

Under normal circumstances, a CPU will have two modes that it operates under: kernel, which permits the user to make changes to the computer itself, and user, which is considered a ‘safe’ mode. Python Sweetness discovered a bug that blurred the distinction between the two modes. The bug allowed programs run in user mode to also access kernel mode, possibly allowing malware to access the computer’s hardware.

However, the circumstances have proven to be less dire than they originally appeared. The expectation was that this bug would cause entire processes to shift back and forth between user and kernel mode, hamstringing the speed at which the device would operate. There was also the expectation that this issue would not be able to be resolved without a hardware change.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Android devices had an update pushed on January 5 to provide some mitigations, with more protections coming in later updates. These patches have already been pushed to Google-branded phones, like the Nexus and Pixel lines, and may have been on other Android devices. It doesn’t hurt to check, and if you haven’t been updated, go online and put pressure on your carrier on a public forum.

Google Chrome should be updated with similar mitigations on January 23, with other browsers updating soon after. To help protect yourself until then, have your IT team activate Site Isolation to minimize the chance of a malicious site accessing data from another browser tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

These kinds of issues help to demonstrate the value of an MSP’s, or managed service provider’s, services. MSPs like TWINTEL Solutions are sure to keep themselves informed on the latest developments in IT security and any resolutions they can pass on to businesses like yours, if they don’t implement them on your behalf.

As a result, you and the rest of your team can go about your business without having to concern yourself with solving issues like these, knowing that you can trust the team who is solving it for you. For more ways that an MSP can help keep your business security and operations optimized, reach out to TWINTEL Solutions at (888) 894-6411.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 22 May 2018
If you'd like to register, please fill in the username, password and name fields.

Mobile? Grab this Article!

QR-Code

Our 10 Benefits

Our 10 Benefits Whitepaper

This whitepaper will evaluate the differences between traditional technical support practices and modern managed IT practices and the pros and cons of both in regards to small and medium-sized businesses.

Download Now!   Need A Consultation?

Tag Cloud

Security Tip of the Week Privacy Cloud Best Practices Technology Business Computing Backup Hackers Network Security Malware Hosted Solutions bgc Microsoft roundup nonprofit Google Software Alert VoIP Managed IT Services Email Disaster Recovery Mobile Devices Business Business Continuity Data Outsourced IT Internet Windows 10 Smartphones Ransomware Innovation communications Browser IT Services Cybercrime Android Saving Money Hardware Computers Small Business Managed IT Services Server Efficiency IT Support Computer Office Cloud Computing Data Backup Smartphone Business Management Productivity Passwords Mobile Device Management Managed IT Quick Tips Telephone Systems Social Engineering BDR Recovery User Tips Cybersecurity Internet of Things BYOD Windows Phishing Virtualization Law Enforcement Vulnerability Hacking Data Recovery Mobility Communication Work/Life Balance Network Collaboration Productivity Save Money Money Remote Monitoring Private Cloud Bandwidth Artificial Intelligence Data Protection Flexibility Avoiding Downtime Budget Automation IT Support Managed Service Provider Health VPN Social Media Holiday Proactive IT Two-factor Authentication Miscellaneous Bring Your Own Device Tech Term Upgrade Office Tips How To Firewall App Wi-Fi Chrome Business Intelligence Data Breach Google Drive HaaS Gadgets Operating System Value Apps Data Security Safety Redundancy Office 365 Applications Windows 10 Microsoft Office Remote Computing Information Technology Facebook History Black Market Mobile Device Compliance Identity Theft Password Hiring/Firing Cleaning Emergency Credit Cards Government The Internet of Things Word Computing Infrastructure Marketing Computer Care Patch Management Save Time Unsupported Software Samsung HIPAA Scam Automobile Infrastructure Physical Security Mobile Computing Data Management Worker Wireless Technology End of Support Comparison Battery Data storage Update SaaS PDF Workers Workplace Tips Solid State Drive Big Data Legal Spam OneNote Router Data Storage Charger Risk Management Electronic Medical Records IT Management Employer-Employee Relationship IT Plan Spam Blocking CES Keyboard Content Filtering Business Owner Downtime Theft Tools Colocation Windows 10s Reputation Content Management Experience Trending Document Management Techology Windows Server 2008 Access Control webinar Employer Employee Relationship Robot Cortana Data Warehousing Public Cloud Customers Blockchain Shadow IT Lifestyle Laptop Fraud Windows 7 IBM Authentication Conferencing Computer Accessories Google Apps Mobile Nanotechnology Hacker Human Resources Touchpad Amazon Sports Regulations Apple Supercomputer Netflix Bluetooth NarrowBand Professional Services Smart Tech Internet Exlporer Software Tips Audit Staff Transportation Amazon Web Services iPhone Current Events Password Manager Audiobook Software as a Service Connectivity Computer Fan Loyalty Digital Signature USB Benefits Online Shopping Servers Knowledge Rootkit Business Mangement Entertainment Scalability Devices Advertising Education Specifications Hard Drives HBO FENG Encryption Troubleshooting Smart Technology Evernote Flash Network Congestion Screen Mirroring Training Monitor Gmail WiFi Thought Leadership Millennials Outlook Relocation Accountants Two Factor Authentication Wireless Charging Sync Files Cast Vendor Management Recycling Chromecast Instant Messaging Google Docs Twitter Users Workforce Humor Assessment Books Content Fiber-Optic Best Practice Telephony IT Consultant Settings eWaste Search Website Addiction Virtual Reality Telecommuting Frequently Asked Questions CrashOverride Television Practices Hosted Solution Leadership Cables Skype Criminal Politics How to Voice over Internet Protocol Going Green Worker Commute Remote Work Excel Meetings Public Computer Hosted Computing Unified Communications YouTube Video Games Start Menu User Error Wireless Unified Threat Management Multi-Factor Security Tip of the week Data loss Inventory Thank You nonprofits Congratulations Cache Wireless Internet