Out of the Box Solutions Blog

ALERT: Meltdown/Spectre Vulnerability Can Affect Your Business’ Critical Infrastructure

ALERT: Meltdown/Spectre Vulnerability Can Affect Your Business’ Critical Infrastructure

Intel has had publicity problems in the past, but now things are getting critical. An issue was reported that could potentially cause the processing power of their chips to diminish. What are being known as the Meltdown or Spectre vulnerabilities, have businesses scrambling around looking for ways to protect their data and infrastructure from what is seemingly an oversight that affects most of today’s CPU architectures; namely those that rely on virtual memory.

This means that a bug has been discovered that alters the way that different programs communicate with the CPU. Typically, a CPU has two modes: kernel and user. “Kernel” provides users access to the computer and “user” which is typically thought of as the safe mode. The vulnerability that the user who goes by the moniker Python Sweetness discovered was one that allowed users working in user mode, to access kernel mode. This presents a number of potential problems, including creating a gateway for malicious action to be taken against your network.

Fortunately for users a patch has been developed that won’t seriously hinder system performance, a fear shared by some security professionals. In fact, the fix will only cause a minimal dip of around 2 percent. Initially, there were concerns that systems would come out of this much slower as entire processes would effectively be altered between user mode and kernel mode.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Two days later, an update for Android devices was pushed out to users. Most mobile platforms running Android, should now be protected. To be sure, check regularly. Google Chrome is scheduled to be updated on January 23. In the meantime, consider asking your IT administrator to help you achieve Site Isolation to assist in keeping your network secure.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

If you don’t have a comprehensive IT administrator, chances are you are on your own. By having a company like Out of the Box Solutions looking out for you, you will be able to benefit from having conscientious IT professionals helping you keep your computing infrastructure, network, and data secure, no matter what is thrown at it.
To find out how Out of the Box Solutions can help your organization with network security, call us at 800-750-4OBS (4627).

Tip of the Week: Five Ways to Use Your Android Pho...
Improperly Disposing of a Hard Drive Can Threaten ...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, January 22 2019

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Network Security Tech Term User Tips Privacy Productivity Internet Smartphones Cybersecurity Efficiency Malware Communication Hardware Microsoft Mobile Device Browser Android Data Email Small Business Ransomware IT Support Network Cloud Applications Users Backup Wi-Fi Mobile Devices Data recovery Internet of Things Saving Money Wireless Holiday Business Management Passwords Windows 10 Managed IT services Collaboration Innovation Data Backup Google IT Services Communications Hosted Solutions Outsourced IT Information Networking Business Social Media Managed IT Services Hackers Employer-Employee Relationship Workplace Tips Cloud Computing VoIp Software Business Intelligence Marketing Blockchain BDR Managed IT Service Data Management Remote Monitoring and Management Computers Remote Computing Patch Management Save Money Computer Tech Terms Microsoft Office Access Control Connectivity Automation Medical IT Smartphone Cortana Facebook Apps Artificial Intelligence Analytics Bandwidth Virtual Assistant Password Cost Management Managed Service Mobility Wireless Charging Gmail Compliance Virtualization VPN G Suite Outlook Big Data Sports WannaCry Server Management e-waste Edge Virus Safety Tablet Threat Security Cameras Server Data Protection RAM Business Technology Tactics Business Continuity Settings Hard Drives Conferencing Trends Microsoft Office 365 HP disposal Bring Your Own Device Profitability Storage HIPAA Miscellaneous Antivirus Printing Excel Reporting Word Mobile Security Microsoft Teams Telecommute Upgrade IT budget SSD Office A.I. Document Management Value Telecommuting Hybrid Cloud Amazon Eliminating Downtime Physical Security Dark Web Hard Drive Staff Dongle Knowledge Paper Office 365 Wearables Lead Generation Network Attached Storage Operating System Tip of the week Company Culture Paperless Office Maintenance Phishing Analysis Certification Battery Content Filtering Movies Authentication Cables BYOD eCommerce Laptop Technology Tips Comparison Error Processors Troubleshooting Ink Telephony SaaS Healthcare User Tip Managing Stress Digital Data loss Router Data Breach Twitter Authorization Database Workers Voice over Internet Protocol Plug-In Wireless Internet Online Shopping Specifications Streaming Media Vulnerability Machine Learning Update Government PowerPoint Voice over IP GDPR Data Security Environment Spam Websites Sales Internet Explorer Training IT Management Gadgets Inventory Unified Communications Cybercrime Millennials Proactive IT Help Desk Backup and Disaster Recovery Downloads Touchscreen Spyware Personal Information Disaster Recovery Regulation Alert Printers Quick Tips