(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','https://www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-78946278-1', 'auto'); ga('send', 'pageview');
407-478-6600    Get SUPPORT

TaylorWorks Blog

TaylorWorks has been serving the Longwood area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

Just a few months after finding themselves in a firmware fiasco, Intel is making news for all the wrong reasons. This issue had the potential to affect the CPU of a device, causing a severe dip in the performance of the device.

In a blog post by a user going by the name Python Sweetness, an issue was reported, describing “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.” This means that, thanks to this bug, the interactions that different programs would have with the CPU would be affected.

Under normal circumstances, a CPU will have two modes that it operates under: kernel, which permits the user to make changes to the computer itself, and user, which is considered a ‘safe’ mode. Python Sweetness discovered a bug that blurred the distinction between the two modes. The bug allowed programs run in user mode to also access kernel mode, possibly allowing malware to access the computer’s hardware.

However, the circumstances have proven to be less dire than they originally appeared. The expectation was that this bug would cause entire processes to shift back and forth between user and kernel mode, hamstringing the speed at which the device would operate. There was also the expectation that this issue would not be able to be resolved without a hardware change.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Android devices had an update pushed on January 5 to provide some mitigations, with more protections coming in later updates. These patches have already been pushed to Google-branded phones, like the Nexus and Pixel lines, and may have been on other Android devices. It doesn’t hurt to check, and if you haven’t been updated, go online and put pressure on your carrier on a public forum.

Google Chrome should be updated with similar mitigations on January 23, with other browsers updating soon after. To help protect yourself until then, have your IT team activate Site Isolation to minimize the chance of a malicious site accessing data from another browser tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

These kinds of issues help to demonstrate the value of an MSP’s, or managed service provider’s, services. MSPs like TaylorWorks are sure to keep themselves informed on the latest developments in IT security and any resolutions they can pass on to businesses like yours, if they don’t implement them on your behalf.

As a result, you and the rest of your team can go about your business without having to concern yourself with solving issues like these, knowing that you can trust the team who is solving it for you. For more ways that an MSP can help keep your business security and operations optimized, reach out to TaylorWorks at 407-478-6600.

What Does Redundancy Mean for Your Business
Personalities are Key to Successful Networking
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 25 February 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Newsletter Sign Up

  • Company Name *
  • First Name *
  • Last Name *

      Tag Cloud

      Tip of the Week Security Cloud Managed IT Services Privacy Technology Best Practices Network Security Business Computing Hackers VoIP Microsoft Software Backup Outsourced IT Data Backup Email Malware Mobile Devices Business Continuity Google IT Support Saving Money Hosted Solutions Small Business Cloud Computing Data Recovery Disaster Recovery Android How To Cybersecurity Smartphones Hardware Data Efficiency Innovation Business Chrome Ransomware Avoiding Downtime Communication Managed IT Services Managed IT Two-factor Authentication BDR User Tips Cybercrime Law Enforcement Internet of Things Communications Internet App IT Services Money Collaboration Alert Remote Monitoring BYOD Spam Mobile Device Management Social Engineering Compliance Computers Data Security Gadgets Browser Mobility Telephone Systems Proactive IT Windows Router Business Management Virtualization Windows 10 Business Intelligence Phishing Server OneNote Wi-Fi Computer Passwords Data Breach IT Management Solid State Drive Business Owner Spam Blocking IT Plan Holiday CES Private Cloud Value Document Management Operating System Bandwidth Unsupported Software Office 365 Identity Theft Word Artificial Intelligence Credit Cards Workers Save Money Vulnerability Firewall Redundancy Flexibility Apps Data Protection Productivity Information Technology Budget Smartphone Network Comparison Employer-Employee Relationship Data Storage Work/Life Balance Bring Your Own Device Social Media Virtual Reality Office Tips Wireless Charging Health Settings Start Menu Data Warehousing Patch Management eWaste Workforce webinar Tip of the week Computer Care Worker Commute Fiber-Optic Mobile Cortana Google Docs Scam Legal Wireless Technology Criminal Telecommuting Conferencing Windows Server 2008 Samsung Hacker Password Marketing Cables Professional Services Downtime Voice over Internet Protocol Microsoft Office Remote Work IT Support Windows 7 Recovery Technology Tips Unified Communications Tools Root Cause Analysis Multi-Factor Security Mobile Device Website Content Management Public Cloud Regulations Save Time Theft Windows 10s Meetings Trending Networking Software Tips Risk Management Blockchain Servers Hard Drives SaaS Google Apps Botnet Lifestyle Current Events Physical Security Human Resources PDF Fraud Flash Training Black Market Data loss Hacking HaaS Infrastructure Audit Travel Mobile Computing Knowledge HIPAA Staff Google Drive Facebook Amazon Emails Battery Screen Mirroring Content Filtering Password Manager Network Congestion HBO Productivity Remote Computing The Internet of Things Digital Signature Education Amazon Web Services Sync Charger Cast Data Management Business Mangement Computing Infrastructure Computer Fan Software as a Service IT Consultant Outlook Electronic Medical Records Big Data Applications Users Online Shopping Telephony Government Gmail FENG Specifications Leadership Frequently Asked Questions Upgrade Keyboard Evernote Netflix Skype Unified Threat Management Update Wireless Recycling End of Support Millennials Excel Windows 10 Cleaning Experience WiFi Audiobook Presentation Internet exploMicrosoft Computer Accessories Instant Messaging Music Files CrashOverride Entertainment 5G Advertising Managed Service Provider Bluetooth How to IBM Wearable Technology History Automation Transportation Best Practice Customer Relationship Management IP Address USB Techology Benefits Customer Service Worker Shadow IT Office Loyalty Mobile Office Troubleshooting User Error Smart Technology Domains Hybrid Cloud Rootkit Relocation Hosted Solution Politics Public Speaking Quick Tips Humor Lithium-ion battery Augmented Reality Two Factor Authentication Video Games Tech Support Vendor Management Assessment Automobile Safety Colocation Webinar Hiring/Firing Television Books Competition Encryption Fun Scalability IT solutions Public Computer Miscellaneous Internet Exlporer Content Emergency Search Employer Employee Relationship Workplace Tips

      Mobile? Grab this Article!

      QR-Code dieser Seite