It is not known whether Meltdown and Spectre, the two major security vulnerabilities announced on January 3, have been already exploited by hackers.
But computer users need to be aware of the threat and also expect slowdowns and performance issues as the computer industry scrambles for a fix, says Michael Augustson, associate director of information services at Capitol Technology University.
The vulnerabilities, one of which affects Intel products and the other which affects virtually every processor on the market, were discovered independently by different research teams during 2016.
Explains Augustson: “A design flaw in Intel processors dating back to 2011, and potentially further, can be exploited to allow a program to copy memory in secured locations on the operating system – which could include things like passwords, keys for password managers or encryption tools,”
“The exploit could allow an attacker to read system protected memory,” Augustson says.
Patches released by Microsoft are designed to protect Windows 10 and Windows 7/8 systems but at some cost to performance, he notes, with the degradations most strongly felt by organizations with large computer networks.
“There’s currently not enough data to tell exactly what the effects are going to be, and it will depend a lot on the software the company uses and how they use it - but significant slowdowns to both server and endpoint business systems are expected, “ Augustson says. “It may mean a lot of businesses find themselves having to purchase newer systems unaffected by the hardware flaw.”
What should individual computer users do? Microsoft recommends that you install the latest Windows security patches and check with your computer’s manufacturer for any available firmware/driver updates, which may include new CPU microcode designed to help mitigate the issue.
A list of anti-virus solutions and their compatibility with the current iteration of the patch can be found here.
“We don’t know the full scope of the problem yet. Much may change as more research is done and information made available,” Augustson says. “In the meantime, be cautious and exercise common sense.”
But computer users need to be aware of the threat and also expect slowdowns and performance issues as the computer industry scrambles for a fix, says Michael Augustson, associate director of information services at Capitol Technology University.
The vulnerabilities, one of which affects Intel products and the other which affects virtually every processor on the market, were discovered independently by different research teams during 2016.
Explains Augustson: “A design flaw in Intel processors dating back to 2011, and potentially further, can be exploited to allow a program to copy memory in secured locations on the operating system – which could include things like passwords, keys for password managers or encryption tools,”
“The exploit could allow an attacker to read system protected memory,” Augustson says.
Patches released by Microsoft are designed to protect Windows 10 and Windows 7/8 systems but at some cost to performance, he notes, with the degradations most strongly felt by organizations with large computer networks.
“There’s currently not enough data to tell exactly what the effects are going to be, and it will depend a lot on the software the company uses and how they use it - but significant slowdowns to both server and endpoint business systems are expected, “ Augustson says. “It may mean a lot of businesses find themselves having to purchase newer systems unaffected by the hardware flaw.”
What should individual computer users do? Microsoft recommends that you install the latest Windows security patches and check with your computer’s manufacturer for any available firmware/driver updates, which may include new CPU microcode designed to help mitigate the issue.
A list of anti-virus solutions and their compatibility with the current iteration of the patch can be found here.
“We don’t know the full scope of the problem yet. Much may change as more research is done and information made available,” Augustson says. “In the meantime, be cautious and exercise common sense.”
No comments:
Post a Comment