No doubt you’ve heard about two recent cybersecurity issues, referred to as Meltdown and Spectre. Both allow “low-privilege” users to access sensitive data, and could potentially enable hackers to access account data, passwords, and other information. The vulnerabilities affect laptops, desktops, cloud-based computers, and even some smartphones, tablets, and other internet-connected devices.
The issue is actually present in the hardware – specifically the central processing unit – of the device. Meltdown affects most Intel processors, which are present in a majority of PCs and over 90 percent of computer servers. Spectre also affects Intel processors, as well as those made by AMD and other manufacturers.
Fortunately, all major processor manufacturers, as well as Microsoft, Apple, and other software developers, are issuing patches to address both issues. Keeping your software up-to-date, including operating systems and all browsers, is crucial.
At Backstop, we recommend using the latest version of the Firefox browser. If you prefer to use the Chrome browser, we recommend installing an interim repair feature, known as Site Isolation, which you can learn more about here. (Google has announced plans to release a permanent repair on January 23rd.)
Since the earliest notifications of these security breaches, the Backstop technology team has been diligently working with our own software providers to install solutions and ensure all client data is protected. Our cloud service providers are also in the process of upgrading their equipment.
If you’d like to learn more, additional information about Meltdown and Spectre is available from the SANS Institute.
Update as of February 14, 2018: