hero Meltdown and Spectre

Meltdown and Spectre Make sure your data is safe.

Computer researchers recently confirmed that CPUs produced by Intel, ARM, and AMD have two-hardware based vulnerabilities identified as “Meltdown” and “Spectre.”  This is significant because it affects almost every device from smartphones to servers powered by those manufacturers’ CPUs.

This design flaw allows malicious programs to steal data that is being processed or remains in a computer’s memory from previous processes, such as login credentials.  During normal operation, processes running on a computer are isolated from one another.  These vulnerabilities allow that normal isolation to be breached by malicious code like JavaScript hidden in links on infected websites.

So what can you do about it?

  • Inventory your network to identify systems that are—or may be—at risk
  • Monitor those vendor sites for patch availability for your installed operating systems
  • Test and apply operating system patches and updates after verifying with your antivirus vendor that the patches are compatible with your current endpoint protection software
  • Adhere to security best practices and avoid malware by immediately deleting suspicious emails or emails from unrecognized senders; avoid websites that are not absolutely essential to your job; and hover over and verify links in emails and on websites to verify that they link to correct locations
  • Monitor your hardware and operating system vendor sites for patch availability for your operating systems and for BIOS updates and patches for your hardware

These are serious vulnerabilities, and it’s important to note that while no specific exploit has been identified that takes advantage of these vulnerabilities, there are reports of publicly available proof of concept exploit code being developed to take advantage of these vulnerabilities. This is an historic event as this potential catastrophe was discovered in a lab and (fortunately) not after the fact as the result of a disastrous data breach.

For more information, you can visit a site dedicated to Meltdown and Spectre.  If you would like assistance with determining the impact this has on your organization or if you need assistance with remediation, please feel free to contact us at Synergy IT Solutions

Contact us to learn how Synergy can help you

Events

  • Feb 8

    Lunch and an Overview On: Cisco Cybersecurity & Collaboration with Artificial Intelligence (Buffalo)

    Thursday, February 8
    10:00 AM - 1:00 PM
    Register View Details

  • Feb 9

    Lunch and an Overview On: Cisco Cybersecurity & Collaboration with Artificial Intelligence (Rochester)

    Friday, February 9
    11:00 AM - 2:00 PM
    Register View Details