Out of the Box Solutions Blog

ALERT: Meltdown/Spectre Vulnerability Can Affect Your Business’ Critical Infrastructure

ALERT: Meltdown/Spectre Vulnerability Can Affect Your Business’ Critical Infrastructure

Intel has had publicity problems in the past, but now things are getting critical. An issue was reported that could potentially cause the processing power of their chips to diminish. What are being known as the Meltdown or Spectre vulnerabilities, have businesses scrambling around looking for ways to protect their data and infrastructure from what is seemingly an oversight that affects most of today’s CPU architectures; namely those that rely on virtual memory.

This means that a bug has been discovered that alters the way that different programs communicate with the CPU. Typically, a CPU has two modes: kernel and user. “Kernel” provides users access to the computer and “user” which is typically thought of as the safe mode. The vulnerability that the user who goes by the moniker Python Sweetness discovered was one that allowed users working in user mode, to access kernel mode. This presents a number of potential problems, including creating a gateway for malicious action to be taken against your network.

Fortunately for users a patch has been developed that won’t seriously hinder system performance, a fear shared by some security professionals. In fact, the fix will only cause a minimal dip of around 2 percent. Initially, there were concerns that systems would come out of this much slower as entire processes would effectively be altered between user mode and kernel mode.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Two days later, an update for Android devices was pushed out to users. Most mobile platforms running Android, should now be protected. To be sure, check regularly. Google Chrome is scheduled to be updated on January 23. In the meantime, consider asking your IT administrator to help you achieve Site Isolation to assist in keeping your network secure.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

If you don’t have a comprehensive IT administrator, chances are you are on your own. By having a company like Out of the Box Solutions looking out for you, you will be able to benefit from having conscientious IT professionals helping you keep your computing infrastructure, network, and data secure, no matter what is thrown at it.
To find out how Out of the Box Solutions can help your organization with network security, call us at 800-750-4OBS (4627).

Tip of the Week: Five Ways to Use Your Android Pho...
Improperly Disposing of a Hard Drive Can Threaten ...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Monday, October 15 2018

Captcha Image

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Business Computing Network Security Tech Term Privacy Cybersecurity Smartphones Internet Cloud Malware Efficiency Browser Android Productivity Hardware Communication User Tips Communications Managed IT services Saving Money Ransomware Microsoft Passwords Small Business Data Applications Users Workplace Tips Backup Innovation Business Intelligence Mobile Device Social Media Blockchain Hosted Solutions Wi-Fi Mobile Devices Collaboration Email Employer-Employee Relationship Google Windows 10 VoIp Network IT Support Business Management Artificial Intelligence Analytics Cloud Computing Virtual Assistant Information Data recovery Internet of Things Managed IT Service Wireless Charging Outsourced IT Networking Patch Management Remote Computing Hackers Computer Virtualization Managed IT Services VPN Compliance Data Management Cost Management Computers Bandwidth Cortana Data Backup Save Money Business Tech Terms Wireless Gmail Software Automation Marketing IT Services BDR Medical IT eCommerce Data Protection Laptop RAM Safety Processors Threat Millennials Analysis Hard Drives Trends Authentication Tactics Password Tablet Digital Data loss Error disposal Bring Your Own Device SaaS Online Shopping Mobile Security Conferencing Microsoft Teams Troubleshooting Business Technology Vulnerability Printing Machine Learning Managed Service SSD A.I. Authorization Connectivity Excel Spam Value IT Management Hybrid Cloud Plug-In GDPR Operating System Office Company Culture Update Dongle Spyware Paper Facebook Big Data Movies WannaCry Maintenance Telecommuting Server Management Proactive IT Technology Tips Knowledge Edge Apps Office 365 Virus Touchscreen Server Tip of the week Cables Settings Content Filtering Managing Stress HP Ink Phishing Twitter Comparison HIPAA Router Remote Monitoring and Management Streaming Media Telephony Antivirus Microsoft Office 365 Database User Tip Voice over Internet Protocol Storage Environment IT budget Government Document Management PowerPoint Data Breach Telecommute Reporting Holiday Inventory Specifications Physical Security Unified Communications Miscellaneous Websites Hard Drive Internet Explorer Workers Microsoft Office Backup and Disaster Recovery Downloads Voice over IP Staff Access Control Lead Generation Cybercrime Network Attached Storage Smartphone Dark Web Gadgets Battery e-waste G Suite Amazon Sales Paperless Office Sports Printers Alert Quick Tips Outlook Regulation Disaster Recovery