CPU Vulnerability Scare – What You Need To Know

You have probably heard about Meltdown and Spectre. Within the first few days of the brand new year, experts revealed a set of key vulnerabilities that had been discovered in the  3 major CPU chips – vulnerabilities that could, if exploited, be used to gain access to private information stored in computers and in wider data networks.

What’s In A Name?

One of the reasons that this latest security threat is confusing people is because it’s not one security threat. It’s actually multiple vulnerabilities discovered within different CPU’s – they just happened to be found at the same time. But while they are similar, there are some key differences, which are hinted at in their names:

  • Meltdown – Causes the security boundaries usually put in place by your hardware to meltdown, leaving your systems vulnerable to attack. Affects laptops, desktops and any internet server with an Intel chip inside.
  • Spectre – Breaks the isolation between different applications. This could allow attackers to trick error-free programmes that follow best practices into leaking all of their data. As well as affecting laptops, desktops and servers, Spectre can also affect smartphones, tablets and any computer powered by Intel, ARM or AMD.

So What Happens Now?

Well, the good news is that the UK National Cyber Security Centre (NCSC) has confirmed that there is no evidence that the vulnerability has been exploited. But now that it’s been made public, there are concerns that it will be. Luckily, many companies have responded swiftly. Microsoft, Apple and Linux have all issued security patches,  and Google has also issued a lengthily statement advising users of the steps they can take to protect themselves, which you can read here.

So the best advice we at ACT Systems can give is to make sure all of your applications (including your anti-virus software) and operating systems are up to date, with any security patches installed right away. More updates and patches will be coming in the following days, so you may need to keep checking this. For more information or advice on dealing with these bugs,  get in touch with us today.