Earlier this month, reports hit the tech world about “Meltdown” and “Spectre,” a pair of exploitable flaws built into nearly every computer and smart phone on the planet. These vulnerabilities are causing headaches for cybersecurity experts, and anxiety for tech users everywhere.
Meltdown and Spectre were accidentally built into almost every processor since 1995 in order to save space and increase computing speeds. However, now they leave open to harm most laptops, PCs, Macs, and even phones and tablets.
What Does This Mean For You?
If you own a smartphone or computer, the number one thing to do is keep up to date on any and all software updates. Be most diligent with updates of your Operating System (Windows, Apple, Android, etc.) and any security/anti-virus software you have installed (SuperAntiSpyware, MalwareBytes, McAfee, etc.). Also important are regular system checks and hardware cleanings.
Businesses, because they have more exploitable devices and data, are particularly at risk. Now that Spectre and Meltdown have been made public, hackers will be looking to take advantage of these weaknesses. With each unprotected device you own, the chance of being hacked is doubled. It is therefore imperative to stay up to date with any and all security updates as soon as they become available.
With the proper cybersecurity measures and constant update diligence, you can protect yourself as much as possible. Be sure to replace all processors in every personal or business device as soon as those without flaws are announced.
Bergen IT offers a program to regularly and automatically check and clean your computer and keep your security up to date. Send us an email at
solutions@bergenit.net or call 201-689-1823 to learn more.
What Exactly Are Meltdown and Spectre?
Meltdown:
Found mostly on Intel processors (and some ARM chips), Meltdown is “the more serious exploit”
according to PCWorld. As such, Microsoft and Intel have worked quickly to provide a temporary patch via Windows system updates. Meltdown takes advantage of how the chip processes your more sensitive (“kernel”) memory data. When your CPU goes through “Speculative Execution,” a malicious program has the opportunity to dart in and steal sensitive information. This could include passwords, cryptographic keys, emails, personal photos, and more.
Spectre:
Similar to Meltdown, Spectre focuses on exploiting the protected kernel data through the CPU’s process of Speculative Execution. However, while Meltdown only works on Intel processors and some ARMs, Spectre is able to take advantage of processors from Intel, ARM, and AMD, as well as Nvidia graphics chips.
This means that many more computers and mobile devices are also at risk, and now in more ways than one. How Spectre works, according to PC World, is it “tricks other applications into accessing arbitrary locations in their memory.” The article speculates that there may be no hardware solution in the future – only preventive methods of hardier software.
To mitigate this problem, Windows released a software patch to protect users from the Spectre exploit. While it went through without a hitch on Intel and ARM processors, it has caused computers with AMD processors to “lock up” and become unresponsive. As such, Windows is temporarily pausing updates to systems with AMD processors. This leaves anyone with an AMD CPU at greater risk until another solution is found.
What Does This Mean For the Future of Computing?
Going forward, this may mean a big change to modern processor chip design. To bulwark against these exploits, CPU manufacturers will be getting rid of the Speculative Execution process that allows your CPU to preload functions. With no current ideas for how to replace this time-saving process, our future processors (and future computers) will most likely be slower but much more secure.
Contact Bergen IT:
201-689-1823www.bergenit.netBergen IT is a client-centered, comprehensive tech support and strategy company for businesses, professionals, and homeowners. The company services customers in the NJ and New York City metropolitan area, including northern New Jersey (Bergen, Essex, Hudson, Morris, and Passaic, NJ), Manhattan and the Bronx, Rockland and Westchester, and can remotely assist clients across the USA. Bergen IT provides computer, mobile device, audio, TV, and home theater services. Our focus is on providing personal attention, reasonable rates and top-notch expertise. For more information, go to: www.bergenit.net.
