If you use computers or mobile devices in your business, you could be affected by the Meltdown or Spectre security exploits. In other words, we’re all at risk.
Meltdown and Spectre are hardware vulnerabilities that exploit performance features of nearly all Central Processing Units (CPUs). They’re not plain software bugs that can be fixed with a simple code tweak. They circumvent hardware architecture protections (how various elements work together), potentially exposing nearly any data the computer processes, including passwords, proprietary information or encrypted communications.
The Potential Risk
So far, there are no public reports that any devices have actually been hacked.
The Potential Fix(es)
Microsoft has issued Meltdown patches for Windows 10 and patches for older operating systems are to come. These fixes will require testing and have been reported to slow performance in machines using Intel chips by 5-30%.
Fixes for Spectre are expected to take a little longer due to the complexity of the issue. However, companies are working furiously to minimize the apparent threat and will release patches as quickly as possible.
What Your IT Firm Should Do for You
Your IT firm should be watching the developments closely. When necessary fixes are issued, expect them to be proactively and safely applied to your network devices. (If you don’t use a managed IT services firm, contact your IT provider for guidance.)
What You Can Do
Your computer needs to be already infected with malware before Meltdown and Spectre can wreak havoc. So, do everything you can to keep the bad guys out. Use routine caution with emails and websites. Learn how to identify a suspicious email and resist the “click”!
Plus, apply all updates to your smartphones and tablets and keep them current. Apple and Android have announced updates and more will follow.
To learn more about how CRU Solutions can help with your IT services, including cybersecurity, contact us.