Send Us An Email

Give us a call

Headquarters

OnSite I.T. Blog

ALERT: Meltdown/Spectre Vulnerability Can Affect Your Business’ Critical Infrastructure

ALERT: Meltdown/Spectre Vulnerability Can Affect Your Business’ Critical Infrastructure

Intel has had publicity problems in the past, but now things are getting critical. An issue was reported that could potentially cause the processing power of their chips to diminish. What are being known as the Meltdown or Spectre vulnerabilities, have businesses scrambling around looking for ways to protect their data and infrastructure from what is seemingly an oversight that affects most of today’s CPU architectures; namely those that rely on virtual memory.

This means that a bug has been discovered that alters the way that different programs communicate with the CPU. Typically, a CPU has two modes: kernel and user. “Kernel” provides users access to the computer and “user” which is typically thought of as the safe mode. The vulnerability that the user who goes by the moniker Python Sweetness discovered was one that allowed users working in user mode, to access kernel mode. This presents a number of potential problems, including creating a gateway for malicious action to be taken against your network.

Fortunately for users a patch has been developed that won’t seriously hinder system performance, a fear shared by some security professionals. In fact, the fix will only cause a minimal dip of around 2 percent. Initially, there were concerns that systems would come out of this much slower as entire processes would effectively be altered between user mode and kernel mode.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Two days later, an update for Android devices was pushed out to users. Most mobile platforms running Android, should now be protected. To be sure, check regularly. Google Chrome is scheduled to be updated on January 23. In the meantime, consider asking your IT administrator to help you achieve Site Isolation to assist in keeping your network secure.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

If you don’t have a comprehensive IT administrator, chances are you are on your own. By having a company like OnSite I.T. looking out for you, you will be able to benefit from having conscientious IT professionals helping you keep your computing infrastructure, network, and data secure, no matter what is thrown at it.
To find out how OnSite I.T. can help your organization with network security, call us at (403) 210-2927.

Tip of the Week: Five Ways to Use Your Android Pho...
Improperly Disposing of a Hard Drive Can Threaten ...
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Tuesday, 17 December 2024

Captcha Image

Mobile? Grab this Article

QR Code

Customer Login

Latest Blog

Want to be a business without hearing how artificial intelligence is changing the industry? Good luck; it’s a big deal that this technology has flourished in recent years, and businesses have found all kinds of ways to implement it. While AI has sign...

Contact us

Learn more about what OnSite I.T. can do for your business.

OnSite I.T.
429 14th St. N.W. #104
Calgary, Alberta T2N 2A3, Canada