Computerware

Computerware has been serving the Vienna area since 1976, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

ALERT: Your Business’ Infrastructure May Be Susceptible to Meltdown/Spectre Vulnerability

ALERT: Your Business’ Infrastructure May Be Susceptible to Meltdown/Spectre Vulnerability

You’d think that Intel would make sure their firmware is of sound integrity, but unfortunately, a recently discovered vulnerability has revealed that it’s not as secure as previously thought. The issue involving Intel’s chips could potentially lead to a permanent nosedive for your CPU’s capacity to perform as intended, which could have disastrous implications for your business.

An unknown blogger calling themselves Python Sweetness describes the issue as “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.”

The bug found complicated the way that various programs interacted with the CPU. Ordinarily, your CPU will have two modes. Kernel offers a complete “carte blanche” access to the computer or user. This is supposed to be considered the safe mode for your CPU, but Python Sweetness has found that this bug lets programs run through user mode access kernel mode. What this ultimately allows for is the potential for malicious programs to access a user’s hardware--a scary thought indeed.

A fix has been developed that mitigates the issue to a small dip in system performance (approximately 2 percent), which is a much smaller price to pay compared to allowing hackers to influence your hardware itself. Originally, it was thought that the processes would be placed on the kernel mode, then shift back to the user mode as needed, but this process slowed down the system. A new Windows update has resolved the CPU problems, even though most professionals thought that a hardware change was the only way to solve it.

If you have a PC with Windows 10 and an antivirus that supports the patch, you should already have the fix implemented. You should make sure to confirm this by navigating to Settings > Update & Security. Once you’ve done so, make sure you also review your update history and find Security Update for Windows (KB4056892), or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Android device users should have had this issue mitigated by an update pushed on January 5, with other updates incoming to strengthen these protections. Phones that fall under the Google brand, including the Nexus and Pixel phones, should have received patches already, with other Android devices soon to be patched as well. You should check your phone to see, and if you haven’t received one, put pressure on your carrier on a visible forum.

Google Chrome should be updated on January 23, and the other browsers should soon follow, with additional mitigations. Until then, you should ask IT to activate Site Isolation to keep potentially malicious sites from harvesting your data from your other browser tabs.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using cursory hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

These types of problems are one of the best reasons to have a managed service provider as part of your IT management and maintenance infrastructure. Computerware keeps a close eye on the latest in network security, including any new threats to your business’s data or patches that need to be implemented. We’ll do whatever it takes to keep your business’s technology as secure and up to date as possible.

Your business won’t have to worry about any aspect of IT maintenance, and we can even help your internal team with implementation projects or technology support aspects of running your organization. To learn more, reach out to us at (703) 821-8200.

Social Media is Spurring Business Growth
20-Year-Old Exploit Finds New Life as ROBOT
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 20 February 2018

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Privacy Internet Cloud Business Management Microsoft Hackers Software Business Computing Managed Service Provider Backup Workplace Tips Productivity Data Hardware Saving Money Business Malware Email IT Support IT Services Hosted Solutions Google Efficiency Smartphones Small Business Gadgets Quick Tips Network Security User Tips Mobile Devices Business Continuity Mobile Office Disaster Recovery Computer Virtualization Network Microsoft Office Server Mobile Device Management VoIP Social Media Miscellaneous Upgrade Windows 10 Ransomware Windows Innovation Android Unified Threat Management Smartphone Remote Monitoring Holiday Operating System Remote Computing Passwords Mobile Computing BYOD Communication Apps WiFi Vendor Management Marketing Collaboration Facebook The Internet of Things History Users Managed IT services Analytics Firewall Apple Data Management Alert Cybersecurity IT Support IT Consultant Phishing Outsourced IT Save Money Managed IT Services Productivity Office Internet of Things App Automation Gmail Content Filtering Health Big data Bring Your Own Device communications Search Budget Maintenance Virus Lithium-ion Battery Hard Drives Windows 8 Hiring/Firing Artificial Intelligence Tech Support Information Technology Managed IT Best Practice Browser BDR Spam Going Green Wireless Technology Outlook Update Bandwidth Phone System Encryption Help Desk Money Data Backup Antivirus Office 365 Printer Recovery Employer-Employee Relationship IBM Mobile Device Cost Management Intranet SaaS Administration Customer Service Data Recovery Travel Education Cloud Computing Proactive IT Hacking Networking Save Time Computers Running Cable Humor It Management Law Enforcement Hard Drive Government Cybercrime Data storage Risk Management Document Management Legal Saving Time Tablet Company Culture Two-factor Authentication Hosted Solution Wireless Robot Data Security Website Digital Payment Black Market Comparison Augmented Reality PowerPoint Business Growth Project Management Social Networking VPN Telephone Systems Twitter Training Fax Server User Disaster End of Support Securty iPhone DDoS Business Intelligence Avoiding Downtime Solid State Drive Mobility Word Flexibility Password Current Events Cortana Computer Repair Windows 10 Excel Hacker Downtime Gaming Console Paperless Office Taxes Presentation Sports Software as a Service Vulnerabilities Uninterrupted Power Supply Mobile Technology Webcam Computing Virtual Desktop Access Control Streaming Media Identity Theft Inbound Marketing Documents Programming IT service Heating/Cooling Chrome Bitcoin Virtual Reality Compliance Patch Management Social Engineering Google Maps Router Retail Blockchain Computer Accessories Computing Infrastructure Customer Relationship Management Experience eWaste Redundancy Hack Mouse Co-managed IT Monitors Private Cloud Telephony Text Messaging Lifestyle YouTube Settings Distributed Denial of Service Unified Communications Specifications Safety Public Cloud Social Network Congestion Net Neutrality Business Technology Politics Automobile Scam Pain Points Cryptocurrency Laptop Trending Google Docs How To User Error Digital Statistics Processors Office Tips USB Start Menu Access Fake News IP Address Society Hacks Samsung Thin CLient Human Resources Micrsooft G Suite Best Practives Relocation Skype Spyware Microsoft Excel Physical Security Business Cards Notifications Tablets Microserver Leadership Reliable Computing Data Protection Mobile Payment Sync Teamwork cache Device Management CCTV Music Storage Upgrades PDF Piracy Turn Key Corporate Profile Television Bluetooth In Internet of Things Trojan Keyboard LiFi Best Available Data Loss Product Reviews online Currency Assessment Emails Organize Domains Deep Learning Scalability Read Software License Rental Service VoIP SharePoint Memory Shortcut Visible Light Communication Value Data Breach Troubleshooting Consultation Tip of the week Wi-Fi Meetings Staffing Environment IT Plan Cabling Evernote Flash Administrator GPS Competition Advertising Audit Business Owner Virtual Assistant Supercomputer Google Wallet Displays Machine Learning Emergency Migration Worker Data Warehousing Harddrive Ebay 3D Application Computer Care Google Drive Hard Drive Disposal Recycling Banking Employer Employee Relationship Drones Vulnerability File Sharing Licensing External Harddrive Electricity Windows Server 2008 Pirating Information Language Botnet Adminstration Permissions Digital Signature Printing Entertainment Unified Threat Management Business Metrics Writing Get More Done switches Smart Phones Content Management WannaCry Windows 7 Computer Malfunction Printer Server Downloads Analytic Time Management Fiber-Optic Chromebook Messenger Freedom of Information Video Surveillance Work/Life Balance Motion Sickness Public Speaking Google Calendar LinkedIn Touchscreen Fraud Download Tracking Saving ZTime Entrepreneur IT consulting Knowledge Books Business Managemenet Archive News Upselling Debate Web Server Webinar Cleaning HIPAA Technology Tips Electronic Payment CIO Websites email scam Microchip Workers Regulations Windows XP Tech Terms Point of Contact Reading Capital Productuvuty Desktop CrashOverride 3D Printing

toner1.7