Meltdown and Spectre!

Meltdown and Spectre!

No it’s not the title for a new DC comic, it’s the latest and possibly largest security vulnerability discovered to date. It affects every Intel processor based system and to a lesser extent AMD and ARM base systems as well. So basically every computer out there. Long story short it is only a potential vulnerability as no known cases of it being exploited have yet been reported, but it’s only a matter of time. Potentially the flaw will allow a remote use to steal vital pieces of information from the memory on your computer, simply by you visiting a website and having an advert pop up in the window. All the major vendors are scrambling to release patches for this, and some not doing so well. Intel released a fix, only to then withdraw it after finding problems with it. Microsoft and several major Anti-virus vendors have also had a less smooth time releasing fixes for it.

What to do? Schedule patches to not only Windows, but this applies to MAC O/S, Java, Google, Amazon, basically every major vendor and it’s products. Larger businesses should run patches on a schedule, and test deployment in a non-production environment before deploying throughout to avoid major interruptions. Simply ignoring updates is even more dangerous as this is only one of many vulnerabilities that put your business and clients information at risk.