(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) })(window,document,'script','https://www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-78946278-1', 'auto'); ga('send', 'pageview');
407-478-6600    Get SUPPORT

TaylorWorks Blog

TaylorWorks has been serving the Longwood area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

Just a few months after finding themselves in a firmware fiasco, Intel is making news for all the wrong reasons. This issue had the potential to affect the CPU of a device, causing a severe dip in the performance of the device.

In a blog post by a user going by the name Python Sweetness, an issue was reported, describing “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.” This means that, thanks to this bug, the interactions that different programs would have with the CPU would be affected.

Under normal circumstances, a CPU will have two modes that it operates under: kernel, which permits the user to make changes to the computer itself, and user, which is considered a ‘safe’ mode. Python Sweetness discovered a bug that blurred the distinction between the two modes. The bug allowed programs run in user mode to also access kernel mode, possibly allowing malware to access the computer’s hardware.

However, the circumstances have proven to be less dire than they originally appeared. The expectation was that this bug would cause entire processes to shift back and forth between user and kernel mode, hamstringing the speed at which the device would operate. There was also the expectation that this issue would not be able to be resolved without a hardware change.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Android devices had an update pushed on January 5 to provide some mitigations, with more protections coming in later updates. These patches have already been pushed to Google-branded phones, like the Nexus and Pixel lines, and may have been on other Android devices. It doesn’t hurt to check, and if you haven’t been updated, go online and put pressure on your carrier on a public forum.

Google Chrome should be updated with similar mitigations on January 23, with other browsers updating soon after. To help protect yourself until then, have your IT team activate Site Isolation to minimize the chance of a malicious site accessing data from another browser tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

These kinds of issues help to demonstrate the value of an MSP’s, or managed service provider’s, services. MSPs like TaylorWorks are sure to keep themselves informed on the latest developments in IT security and any resolutions they can pass on to businesses like yours, if they don’t implement them on your behalf.

As a result, you and the rest of your team can go about your business without having to concern yourself with solving issues like these, knowing that you can trust the team who is solving it for you. For more ways that an MSP can help keep your business security and operations optimized, reach out to TaylorWorks at 407-478-6600.

What Does Redundancy Mean for Your Business
Personalities are Key to Successful Networking
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 27 May 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Newsletter Sign Up

  • Company Name *
  • First Name *
  • Last Name *

      Tag Cloud

      Tip of the Week Security Cloud Technology Managed IT Services Network Security Privacy Best Practices Business Computing Hackers Email Data Backup Malware Hosted Solutions VoIP Software Backup Google Microsoft Outsourced IT Data Recovery Saving Money Mobile Devices Business Continuity Cloud Computing Data Android Small Business IT Support Internet Cybersecurity Cybercrime Disaster Recovery Efficiency Ransomware Internet of Things Managed IT How To IT Services Smartphones Hardware Law Enforcement Communications Tech Term BDR Innovation User Tips Business Communication Computers Data Security Data Protection Smartphone Managed IT Services Mobile Device Management Two-factor Authentication Router Business Intelligence Avoiding Downtime Productivity Browser Virtualization Business Management Collaboration Phishing BYOD Chrome Artificial Intelligence Social Engineering Redundancy Remote Monitoring Bandwidth Spam Mobility Network Vulnerability Windows Compliance Apps Gadgets App Proactive IT Telephone Systems Money Windows 10 Identity Theft Alert Credit Cards Save Money Data Breach Data loss Spam Blocking Infrastructure Office 365 Website IT Support Operating System Value Flexibility Information Technology Comparison Applications Workers Data Storage Work/Life Balance Firewall Update Budget VPN Big Data IT Management Employer-Employee Relationship Solid State Drive Business Owner Smart Tech Private Cloud IT Plan Holiday CES Bring Your Own Device Social Media Document Management Unsupported Software Server Mobile Device Wi-Fi Computer Word Passwords OneNote Wireless Technology Servers webinar Computer Care Google Apps Hosted Computing Botnet Lifestyle Marketing PDF Physical Security Human Resources Scam Hacker Microsoft Office Black Market Fraud Flash Conferencing Samsung Hacking Inventory HaaS Travel Mobile Computing Google Drive Downtime Automation Technology Tips HIPAA Staff Addiction Battery Amazon Facebook Screen Mirroring Password Manager Access Control HBO Root Cause Analysis Digital Signature Cache Remote Computing Education Amazon Web Services Sync Cast Windows 10s Hard Drives Data Management Business Mangement Authentication Software as a Service Computing Infrastructure Outlook Meetings Networking Encryption Wireless Internet Online Shopping Telephony SaaS Gmail Nanotechnology Government Specifications Frequently Asked Questions Current Events Strategy Training Evernote Skype Audit Recycling Connectivity End of Support Millennials Excel Knowledge Analysis Productivity Virtual Reality Wireless Charging The Internet of Things Office Tips Start Menu Health Emails Data Warehousing eWaste Content Filtering Devices Workforce Tip of the week Network Congestion Charger Worker Commute Fiber-Optic IoT Mobile Computer Fan Criminal Thought Leadership Legal Google Docs Users Telecommuting Windows Server 2008 IT Consultant Accountants Electronic Medical Records Cables Upgrade Password Professional Services FENG Streaming Media Voice over Internet Protocol Wireless Recovery Remote Work Windows 7 Leadership Unified Threat Management Unified Communications Keyboard Insurance Windows 10 Tools Netflix Public Cloud Content Management Content Filter Multi-Factor Security Regulations Settings Cleaning Save Time Theft Practices Software Tips Cortana Risk Management Blockchain Patch Management Storage Trending Computer Accessories 5G Managed Service Provider Music IBM CrashOverride Politics Twitter Bluetooth Quick Tips Wearable Technology Customer Relationship Management Transportation IP Address Video Games Automobile USB Customer Service Colocation Office Benefits Mobile Office Worker Domains Loyalty Troubleshooting Relocation Smart Technology Scalability Rootkit Public Speaking Hosted Solution Internet Exlporer Humor Wire Lithium-ion battery Augmented Reality Content Tech Support Two Factor Authentication Sports Safety Workplace Tips Vendor Management Assessment Hiring/Firing Audiobook WiFi Internet exploMicrosoft Instant Messaging Competition Fun Files Webinar Advertising Television Entertainment Books How to Miscellaneous History IT solutions Public Computer Best Practice Search Techology Emergency Shadow IT Presentation Employer Employee Relationship Experience User Error Hybrid Cloud

      Mobile? Grab this Article!

      QR-Code dieser Seite