If you’ve been following the tech and cyber-security news over the last month, you will have heard about the discovery of two serious security flaws that affect many computer processors on the market today and going back several years. If these security flaws are news to you, here is a summary of the situation…
The Meltdown security flaw essentially ‘melts’ the security boundaries between applications and the operating system. This attack allows a malicious program to access the memory, and therefore the secrets (for example: passwords & sensitive user information) of other programs and the operating system itself.
Spectre exploits vulnerabilities with a technique known as ‘speculative execution’ where the processor tries to predict what a program wants to do and does those calculations before they are called for. Spectre forces programs on a user’s operating system to access an arbitrary location in the program’s memory space. By exploiting this process, an attacker can see what another program is doing and read its data. For example, a malicious website could read data stored in the browser for another website, or the browser’s memory itself.
Meltdown affects almost every Intel CPU powered device made since 1995. Spectre affects ARM, Intel and AMD CPUS.
What’s the Fix?
There are Operating System patches for Meltdown for Linux, Windows and OS X. Make sure both your Antivirus and Operating system is up-to-date. Software developers are working on patches and updates for Spectre.
More detailed information on Meltdown and Spectre can be found here: https://meltdownattack.com/. At Veracity Technology, we are always keeping on top of new security threats, and keeping our customers safe through secure offsite backups. Get in touch with the Veracity Technology team in Woolloongabba by calling us on 1300 8500 172 or email firstname.lastname@example.org.