Last week it was announced by Intel that two major flaws, Spectre and Meltdown, have been present in nearly every microprocessor present in desktops, laptops, smartphones, and cloud servers. With this information, the technology world’s head is spinning, so here are some facts to help you understand what these vulnerabilities are and what you can do to protect your network. 

What are Meltdown and Spectre?

Spectre and Meltdown are two different vulnerabilities within microprocessors. These vulnerabilities can be exploited by cybercriminals and hackers and allow them to identify contents of protected kernel memory through the use of data applications, JavaScript, and web browsers. Here is a brief breakdown of the two vulnerabilities:

  • Meltdown – This flaw allows programs to access the memory of other programs and the operating system itself, potentially revealing sensitive information. Fortunately, this flaw can be patched with software updates.
  • Spectre – This flaw is technically a collective name for two vulnerabilities. Although much more difficult to exploit than Meltdown, it would allow an attacker to “trick” a program into leaking information. There are some software patches that can help protect against known exploits.

How Are Companies Responding?

Since the vulnerabilities have come to light, MSSPs (managed security service providers) have been working to patch everything like PCs, servers, networking gear, and cloud systems. Here are some steps companies and MSSPs are taking.

    • Amazon, Google, and Microsoft have updated their cloud services.
    • The Aspen Institute has formed The Aspen Cyber Group, a cybersecurity group led by IBM CEO Ginni Rometty, that will address security vulnerabilities at a national level.
    • Verizon has acquired Niddel, which will help them clean out any contaminated systems within their organization.
    • Cyxtera Technologies has acquired Immunity Inc., which will allow Cyxtera to deliver automated and continuous threat assessments and penetration testings.
  • Intel has formed their own, internal cybersecurity group.

Is There a Quick Fix?

To secure a business, systems management is key. Systems management is comprised of two different areas: state management and operations management.

    • State Management: includes hardware, operating systems (OS), applications, and data.
  • Operations Management: monitors and manages running applications and systems in place to ensure back-end server performance and end-user experience.

Software patches that are implemented to guard against security threats need to be carefully assessed by I.T. professionals. The patches need to be employed quickly, efficiently, and with minimal impact to processor operations. If not done properly, potential side effects of patches can be slower processing times and decreased processor performance, especially in older systems.

Next Steps

Everyone with a PC or laptop is vulnerable to these flaws without the proper patch work. To ensure the security of data for you and your business, get your processors checked by a professional.

Shock I.T. Support today and combat Spectre and Meltdown!