24 Jan Spectre & Meltdown – What you need to know
You have very likely heard in the news over the past couple of weeks about the processor flaws that have been uncovered, called “Spectre” and “Meltdown”.
Quick overview: Spectre and Meltdown are vulnerabilities in modern chip design that could allow attackers to bypass system protections on nearly every recent PC, server and smartphone, allowing them to read sensitive information, such as passwords, from memory.
This flaw exists in every brand of processor manufactured in the past 20+ years.
How does this affect you?
Until attackers have written code (malware) to exploit the Spectre and Meltdown vulnerabilities and this malware spreads globally, technically you are safe. However, this is the biggest flaw found in the last 2 decades of computing. It is a sure guarantee that this malware will hit the wild soon. It has been acknowledged this affects every PC, Mac, iPhone, Android phone, etc.
What are we doing, and what can we do, about it?
- First and foremost, for our regular clients we are already scheduling the necessary recently released patches – both hardware and software updates. This requires downtime and reboots. We are 100% focused first on Servers. This is a combination of Operating System updates and BIOS/Firmware updates.
- I stress again the importance of having a managed Firewall Security appliance on your network. For nearly all of our clients, we have this in place. The key here is this: If the malware CANNOT get into your network, you theoretically CANNOT be affected. We have found a 98-99% Antivirus/Anti-malware success rate when we combine our preferred Firewall Appliance Services with our Webroot Endpoint Antivirus.
What else do we need to know?
Unfortunately, when these things happen, the manufacturers rush as quickly as possible to provide patches, BIOS updates, and firmware updates. These are typically reliable. But as we all know, sometimes a patch does more harm than good. There have been reports of these patches, in very rare circumstances, causing major system instabilities on workstations and servers and rendering the hardware nearly useless. That is the exception, however. The best practice here is still to apply the patches and get your equipment secure. We will continue to follow the industry-recommended best practice and roll out the patches.
For more details, IT Security Pioneer Bruce Schneier has one of the best blog posts on this topic. You can read it here: