facebook linkedin twitter

ALERT: Your Business’ Infrastructure May Be Susceptible to Meltdown/Spectre Vulnerability

ALERT: Your Business’ Infrastructure May Be Susceptible to Meltdown/Spectre Vulnerability

You’d think that Intel would make sure their firmware is of sound integrity, but unfortunately, a recently discovered vulnerability has revealed that it’s not as secure as previously thought. The issue involving Intel’s chips could potentially lead to a permanent nosedive for your CPU’s capacity to perform as intended, which could have disastrous implications for your business.

An unknown blogger calling themselves Python Sweetness describes the issue as “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.”

The bug found complicated the way that various programs interacted with the CPU. Ordinarily, your CPU will have two modes. Kernel offers a complete “carte blanche” access to the computer or user. This is supposed to be considered the safe mode for your CPU, but Python Sweetness has found that this bug lets programs run through user mode access kernel mode. What this ultimately allows for is the potential for malicious programs to access a user’s hardware--a scary thought indeed.

A fix has been developed that mitigates the issue to a small dip in system performance (approximately 2 percent), which is a much smaller price to pay compared to allowing hackers to influence your hardware itself. Originally, it was thought that the processes would be placed on the kernel mode, then shift back to the user mode as needed, but this process slowed down the system. A new Windows update has resolved the CPU problems, even though most professionals thought that a hardware change was the only way to solve it.

If you have a PC with Windows 10 and an antivirus that supports the patch, you should already have the fix implemented. You should make sure to confirm this by navigating to Settings > Update & Security. Once you’ve done so, make sure you also review your update history and find Security Update for Windows (KB4056892), or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Android device users should have had this issue mitigated by an update pushed on January 5, with other updates incoming to strengthen these protections. Phones that fall under the Google brand, including the Nexus and Pixel phones, should have received patches already, with other Android devices soon to be patched as well. You should check your phone to see, and if you haven’t received one, put pressure on your carrier on a visible forum.

Google Chrome should be updated on January 23, and the other browsers should soon follow, with additional mitigations. Until then, you should ask IT to activate Site Isolation to keep potentially malicious sites from harvesting your data from your other browser tabs.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using cursory hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

These types of problems are one of the best reasons to have a managed service provider as part of your IT management and maintenance infrastructure. Computerware keeps a close eye on the latest in network security, including any new threats to your business’s data or patches that need to be implemented. We’ll do whatever it takes to keep your business’s technology as secure and up to date as possible.

Your business won’t have to worry about any aspect of IT maintenance, and we can even help your internal team with implementation projects or technology support aspects of running your organization. To learn more, reach out to us at (703) 821-8200.

Social Media is Spurring Business Growth
20-Year-Old Exploit Finds New Life as ROBOT
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Saturday, January 19, 2019

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Software Business Computing Hackers Business Management Microsoft Data Workplace Tips Managed Service Provider Backup Productivity Hardware Business Network Security Saving Money Malware Email Hosted Solutions IT Services Efficiency IT Support Google Small Business Computer Quick Tips User Tips Mobile Devices Smartphones Gadgets Business Continuity Innovation Disaster Recovery Microsoft Office Android Social Media Mobile Office Virtualization Network VoIP Data Backup Mobile Device Management Collaboration Communication Server Smartphone Miscellaneous Productivity Data Recovery Windows 10 Upgrade Tech Term Ransomware IT Support Unified Threat Management Windows Holiday Passwords communications Remote Monitoring Facebook Operating System Remote Computing Cybersecurity Vendor Management Apps Mobile Computing Managed IT services BYOD Phishing BDR Users WiFi Marketing Mobile Device Analytics Automation The Internet of Things Apple Firewall Outsourced IT History Alert Artificial Intelligence Managed IT Services Data Management Internet of Things Browser Save Money IT Consultant App Big data Encryption Office Content Filtering Going Green Spam Bandwidth Maintenance Gmail Bring Your Own Device Printer Antivirus Health Business Technology Cost Management Best Practice Information Technology Lithium-ion Battery Office 365 Cloud Computing Windows 8 Windows 10 Outlook Budget Two-factor Authentication Help Desk Managed IT Wireless Technology Hiring/Firing Tech Support Hard Drives Virus Search Cybercrime Saving Time VPN Travel Phone System Blockchain Hacking Update IBM Money Document Management Access Control Recovery Training Employer-Employee Relationship Computers Hard Drive Legal Twitter Networking Intranet Education Mobility Regulations Risk Management Information SaaS Healthcare Save Time Law Enforcement Customer Service Humor Compliance Government Administration Applications Data storage Website Proactive IT Running Cable Managed Service It Management Business Growth File Sharing Avoiding Downtime Value Patch Management Password Cortana Data Loss Current Events iPhone Google Maps Hacker Scam Paperless Office Social Engineering Data Breach Sports Excel Disaster Computing Hosted Solution Digital User Business Intelligence End of Support Project Management Fax Server Customer Relationship Management Augmented Reality Digital Payment Robot Websites Securty PowerPoint Router Downtime Social Wireless Machine Learning Solid State Drive Comparison Tablet DDoS Telephone Systems Company Culture Black Market Computer Repair Flexibility Cryptocurrency Social Networking Word Laptop Data Security Identity Theft Experience Inbound Marketing Network Congestion eWaste Cleaning Vendor Monitors Office Tips Monitoring Virtual Reality Co-managed IT Streaming Media Politics User Error Pain Points Automobile Emails YouTube Redundancy Processors Settings USB Chromebook Management Unified Communications Net Neutrality Computing Infrastructure Hack Evernote Presentation Chrome How To Vulnerabilities Lifestyle Virtual Desktop Download Specifications Safety Private Cloud Gaming Console IT service Start Menu Tech Terms Computer Accessories Mobile Technology Telephony Documents Heating/Cooling Text Messaging Microchip Taxes Software as a Service Entertainment Webcam Trending Distributed Denial of Service Storage Bluetooth Uninterrupted Power Supply Mouse Public Cloud Bitcoin Statistics Google Docs Retail Programming Conferencing Data Protection Sync Software License Trends cache Organize Television Public Speaking Bookmark Point of Contact Multi-Factor Security IT consulting Cost Fraud Tactics WannaCry Downloads Shortcut Adminstration Pirating Information Notifications CCTV Devices Leadership Google Play Entrepreneur Business Metrics Computer Malfunction UTM CIO Content Time Management Freedom of Information Troubleshooting Processor Reliable Computing Advertising Flash Corporate Profile Recycling In Internet of Things IT Plan Staffing Enterprise Resource Planning Google Wallet Assessment SharePoint HIPAA Browsers Analytic Legislation Windows XP Error Environment email scam Addiction Society Webinar Google Calendar Competition User Tip Product Reviews Accountants A.I. Displays Tip of the week Electronic Payment Security Cameras VoIP Motion Sickness Multi-factor Authentication Micrsooft Touchscreen News Business Owner Navigation Read Scalability Upselling Migration Connected Devices Drones Consultation IP Address Data Analysis Messenger Tracking Wireless Headphones Telephone Knowledge Device Management Network Management Technology Tips Application Video Surveillance Rental Service Meetings Equifax Fleet Tracking Virtual Assistant Human Resources GDPR Cabling Permissions Language Audit Business Managemenet Web Server Device security MSP Fake News Saving ZTime Tech Content Management Wi-Fi Administrator Desktop Finance Data Warehousing Fileless Malware Books Workers Nanotechnology Social Network Best Practives online Currency Business Cards Service Level Agreement Music Access Digital Signature Proxy Server Debate Supercomputer Startup switches Asset Tracking Writing Emergency Hard Drive Disposal Harddrive Modem Unified Threat Management Worker Backup and Disaster Recovery Computer Care Teamwork GPS Electronic Medical Records Username Upgrades Microserver Microsoft Excel Term LinkedIn Gamification Google Drive Windows Server 2008 External Harddrive Directions Reading Samsung Screen Reader LiFi Customer Resource management G Suite Piracy Upload Spyware Mobile Payment Dark Web Employer Employee Relationship Smart Tech Distribution Get More Done Vulnerability PDF SSID Fiber-Optic Licensing Database Work/Life Balance Electricity Printer Server Printing Best Available Keyboard 3D Health IT Ebay Skype Hacks Physical Security HTML Deep Learning Turn Key Thin CLient Processing Archive Banking Botnet Mobile Security Windows 7 Domains Smart Phones Managed IT Service Relocation Tablets Visible Light Communication Telephone System Memory Trojan 3D Printing Cooperation Regulation Medical IT CrashOverride Printers Capital Productuvuty Managing Stress

toner1