Due to the release of Intel’s vulnerability, you need to know how to protect against new security flaws Meltdown and Spectre.
The new security flaws called Meltdown and Spectre give hackers the ability to exploit a feature of on computer processors “speculative execution.” Speculative execution is when a CPU performs an action before it necessarily needs to be done resulting in getting things done as fast as possible.
Unfortunately, this feature will also allow hackers to run code without proper permission. This may also allow and potentially see anything your computer is doing.
The meltdown security flaw exploits Intel x86-64 processors specifically and can be protected against with operating system-level security updates and patches.
The spectre security flaw represents a complex sophisticated attack that could work on virtually all processors and may be impossible to completely protect against in software alone.
How to Protect Against New Security Flaws Meltdown and Spectre?
The meltdown security flaw will require an update to your Windows operating system.
Microsoft has pushed out emergency updates through its Windows Update system. Windows 10 operating system is available now and Windows 7 and Windows 8 updates will be available next week.
Apple has not released an update or comment on a fix for macOS.
If you work with a managed IT services provider, this should have taken place already or be scheduled to maximize uptime and security.
Ensure your browser is updated and secure.
Google is releasing Chrome 64 on January 23rd and it will have updates to help protect against these exploits. Good news is that Chrome already has a feature called “Site Isolation” that can help protect but it is disabled by default as it will affect performance.
If you want to turn on Google Chrome Site Isolation, please do the following:
- Type chrome://flags/#enable-site-per-process into your Chrome browser bar
- Select the box next to “Strict site isolation”
If you use Firefox version 57 and up have a quick fix that reduces the ability of websites to gain access to the precise timing details that would be required to execute an attack.
All details on how to fix it can be found here.
Apple has not offered a fix to the issue nor made any comment. Until Apple addresses the issue, it is strongly recommended that you use Chrome or Firefox until Apple issues an operating system update.
Internet Explorer and Microsoft Edge
Microsoft will address these within the operating system update release.
Our complimentary network and security assessment can put your IT infrastructure and business to the test. Our tools will ensure you are safe as well as show you how to protect against new security flaws meltdown and spectre.
365 iT SOLUTIONS is Toronto’s leading IT consulting boutique firm offering industry-leading IT solutions including Managed IT Services, IT Support Services, IT Outsourcing Services, Tech Support Services and Cloud Services.