A great meltdown to the new year.

Happy New Year,

As the relentless passage of time continues so do the reports of new security vulnerabilities. This time it is the turn of Intel (bing bong bong bong) based CPUs with Meltdown. And the Spector vulnerability for pretty much every system including smartphones.

What now ?!

An extremely serious flow in the design of Intel CPU's allows an attacker to access memory on the system. More technical details on the Meltdown flaw here. Spectre is much more serious as it is harder to mitigate and defend against as most systems will be affected. Thankfully it is also harder to exploit, this is not to say that it will stay that way for long. More technical details on Spectre here.

Whats the risk ?

If your system is affected, the exploits can read the memory content of your computer. This may include passwords and sensitive data stored on the system. This includes desktops, laptops, servers, smartphones, also virtualised systems.

What can we do ?

For the Meltdown flaw there are already patches from the major operating system providers incoming. Keep an eye out for them in the coming days.

For Spectre this one is so fundamental it may not be patched by vendors for sometime. Expect updates to trickle out slowly.

There is more information on the official Meltdown & Spectre website.

**Update**

Microsoft have some mitigation steps to follow here

https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution-s

2020

COVID-19 Operating Policy Update

1 minute read

Update Certification Audits and Assessments. Update During this unprecedented time we wanted to update you on how we’re approaching the situation and how thi...

Flash will be EOL by the newyear.

less than 1 minute read

Flash will be end of life 31st December 2020 It’s been with us for over 20 years and a pain point in IT support and security for almost as long. Adboe will n...

COVID-19 Operating Policy

1 minute read

Certification Audits and Assessments. During this unprecedented time we wanted to update you on how we’re approaching the situation and how this affects your...

Back to top ↑

2019

My version of Windows 10 is not supported?

1 minute read

Wait what? I thought that Windows 10 was the latest version of Windows.... This is a typical response from clients during a scoping call or pre audit meet...

Back to top ↑

2018

A great meltdown to the new year.

1 minute read

Happy New Year, As the relentless passage of time continues so do the reports of new security vulnerabilities. This time it is the turn of Intel (bing bong b...

Back to top ↑

2017

KRACKing WPA2 Wifi

2 minute read

Researchers this week published information about a serious weakness in WPA2 — the security standard that protects all modern WiFi networks. In non-tech spe...

Install iOS 10.3.3 ASAP

less than 1 minute read

Apple have released iOS 10.3.3 and it has a large number of fixes that you should apply as soon as you can. iOS 10.3.3 fixes a number of security issues, tha...

Code Red for Wcry, Do the Cyber Essentials

1 minute read

Those of us who remember Code Red back in 2001, that worm spread around the internet in around 14 hours. That was an early demonstration to how important it ...

Back to top ↑