What you need to know about the Spectre and Meltdown security flaws

Computer researchers recently discovered two major security flaws affecting processing chips made by Intel, AMD and ARM, putting billions of computers and devices at risk. Here’s what you need to know about the flaws, and what it means for you.

What are Meltdown and Spectre?

The flaws, called Meltdown and Spectre, are essentially hardware design flaws that have gone undetected for years.

In very simple terms, these flaws allow malicious programs to steal data that’s being processed in a computer’s memory - something applications aren’t normally able to do, since they’re isolated from each other and the operating system. Meltdown and Spectre, in their own ways, break that isolation.

For more detailed explanations of Meltdown and Spectre, and how they work, we suggest reading:

• A critical Intel flaw breaks basic security for most computers
• Meltdown and Spectre: How chip hacks work
• Those huge CPU vulnerabilities, Meltdown and Spectre, explained

What this means for you

If you use a desktop computer, laptop, smartphone or cloud service provided by virtually all manufacturers including Apple, Microsoft, HP, Lenovo, Amazon and Google, you are most likely vulnerable.

• Meltdown and Spectre: Here’s what Intel, Apple, Microsoft, others are doing about it
  
  

Motivated hackers can get malicious software (malware) running on your computer and exploit the Meltdown and Spectre vulnerabilities to get access to your passwords, emails, instant messages and even business-critical documents. It’s not good, to say the least.

What is Pensar doing about this?

We're updating and patching all machines for all our clients on monthly support agreements. This is going to take some time, and some patches are not even available yet. Certain mission-critical computers may need to be replaced entirely with new machines.

If you're concerned about your business (and not yet covered by our monthly support service) and would like to know more about what you can do to protect your data, get in touch with us here. In the meantime, you need to be extra vigilant, keep security in mind and always think before you click.

Further reading:

• Cyber security training for SMBs: 8 free resources
• 15 best (and most reliable) sources of IT security news
• 4 encrypted email services that will protect your data and privacy
• How to create a strong password: 8 essential tips