Talk around our office at Bayou Technologies has centered a lot recently over concerns and remedies in regard to the new ‘Meltdown’ vulnerability. Kevin Herrick, one of my employees, submitted the following spot-on commentary to me. As I feel I couldn’t have stated it better myself, I wanted to share this important info with you as written by Kevin:
Recently, we learned about the Meltdown and Spectre vulnerabilities in virtually all modern CPUs. In the aftermath, we have seen a lot of finger-pointing and some misinformation from affected companies. Let’s clear up some of the confusion about this topic.
The reason there’s so much confusion is most likely because, while we think of “computers” as a general term, there are important differences between manufacturers and developers. This is compounded by the fact there are two different vulnerabilities, which have similar effects. This has led people to believe they are one in the same, which is not the case.
The core issue is the physical CPU. But Microsoft has rolled out an update that, while mitigating the security flaw, has degraded system performance on many computers. When users apply the firmware update, performance could take another hit. Those using older computers will experience the greatest performance decrease.
However, it’s important that everyone apply all security updates.
People want to know what they can do to protect themselves against this ongoing threat. First, applying updates for your OS is critical. Microsoft, Apple and Linux have all released some form of patch or fix.
The second step is to update your anti-virus program. If your anti-virus is compatible, this should occur automatically if updates are enabled. The number of companies with compatible updates is increasing daily.
Lastly, apply firmware updates to your devices. Firmware updates will come directly from your device manufacturer, such as Intel, HP, Dell, Samsung, Apple, etc.
Meltdown affects virtually all devices made in the past 10-15 years. As of now, the biggest impact has been the degradation of system performance on devices which have the latest updates. Microsoft has suspended updates for some AMD processors due to many older systems crashing after the patch is applied.
So how does this currently affect you? As of now, without a known exploit to the vulnerability, you are safe regarding security. However, this could change quickly, as new exploits are released daily.
While system performance could take a hit, it is essential to apply the latest updates. It is also important to understand the difference between a “vulnerability” and an “exploit.” A vulnerability is a weak point in a system which can be taken advantage of by an exploit. Think of the vulnerability as an unlocked door, while the exploit would be the person with unauthorized access.
With this vulnerability being so widespread, and new information being released daily, the importance of having a trustworthy, reliable partner for your IT needs and information is imperative.