As many of you may have seen in the media yesterday or this morning, news has broken of another significant technology-related security concern – CPU architecture flaws dubbed Spectre and Meltdown. As with similar prior events, our team has been monitoring the information coming from a variety of sources, assessing the risk, and preparing next steps.
What we know:
Flaws in the design of modern computer processors (also called chips, or CPUs) make a wide range of hardware susceptible to several different vulnerabilities that an attacker can exploit to access otherwise secure data. Although the news has primarily highlighted Intel processors, both AMD and some ARM processors have similar defects.
Because the flaws are caused by hardware, any software running on that hardware is vulnerable, including desktop and mobile versions of Windows, macOS, Linux, Android, and others.
How serious is it:
This is a serious concern for the security of all systems, but there are two key aspects that are missing from the current ‘the-sky-is-falling’ style coverage:
- For this flaw to be exploited, the device would need to be previously compromised in some way. It is clear that this new vulnerability makes exposure after an attack easier, but it does not appear to create a new exploit on its own.
- Media outlets have made quite a lot of noise regarding the theorized performance impact that the installed remedies will have on devices. Some have even claimed performance decreases of up to 30%. We believe this to be over-inflated for the sake of sensationalism, and not likely to occur during real-world usage. While server and enterprise application performance may initially be affected to some degree, widespread workstation slowness is not expected. Additionally, according to patch developers, any performance impacts that do occur should be mitigated over time.
What’s happening now:
Software manufacturers are racing to deploy patches, at all system levels, for software that allows this exposure. We are expecting updates to roll out for operating systems, web browsers, hardware firmware (drivers), and more.
Our team will be applying these updates to all managed devices as soon as they can be tested and verified.
For customers subscribed to our Guru Sentry Security Services, the bar is raised for future compromise, and we are monitoring closely for any suspicious activities.
What you can do:
As mentioned above, these issues are of top concern where a device has already been compromised or becomes compromised. Our standard guidance is particularly effective:
- Update your devices and applications when prompted for system/software updates.
- Always exercise caution and skepticism while browsing the web, or accessing any online content.
- Never click on suspicious email links, even if you know the sender. When in doubt, submit the email to GadellNet or contact the sender via a separate contact method for verification.
Contact the GadellNet Security Team at firstname.lastname@example.org if you think your computer may be compromised in any way.