Network Synergy Blog

Network Synergy has been serving the Trumbull area since 1988, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

ALERT: Make Sure Your Business is Safe from Meltdown and Spectre

ALERT: Make Sure Your Business is Safe from Meltdown and Spectre

Intel recently found itself (once again) in hot water, mere months after many flaws were discovered in the firmware that enables all of their chips to do their job. This time, the issue could have potentially caused a permanent dip in the CPU’s capacity to function properly. This has come to be known as the Meltdown vulnerability.

This issue was first reported in a blog maintained by an unknown user identified only as Python Sweetness, who summed up what they described as “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.”

In other words, a bug had been discovered that messed with how different programs could interact with the CPU. Normally, the CPU has two modes: kernel, which allows complete, carte blanche access to the computer itself, and user, which is supposed to be the ‘safe’ mode. The issue that Python Sweetness discovered was that the bug allowed programs that were run in user mode to access kernel mode. This could potentially open the door for malicious programs and malware to access a user’s hardware itself and see anything that’s going on in protected memory space, meaning programs could gain access to memory being used by other programs, or in the case of virtual machines they could cross-talk between VMs as well.

Fortunately, a fix has been developed that will likely only cause a 2% dip in system performance, a greatly lesser sacrifice than what was initially expected. Originally, it was assumed that entire processes would be shifted from user mode to kernel mode and back again, slowing the entire system down considerably. There has since been a Windows update to mitigate the CPU issue, despite the expectation that it would take a hardware change to implement it.

For PCs with Windows 10 installed, and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892), or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

If you have an Android device, there was an update on January 5 that provided mitigations, with the promise of further updates to add to these protections. Google-branded phones, including the Nexus and Pixel lines, should have already received the patches, and other Android phones may have as well. It is something that you should check, and if you haven’t received an update yet, reach out to your carrier and ask why (posting publicly can get you extra points).

An update to Google Chrome is expected on January 23, with other browsers following suit, that will also include mitigations. In the meantime, ask your IT resource to help you activate Site Isolation to help keep a malicious website from accessing your data from another tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

Issues like these are exactly why businesses need a managed service provider looking out for them. An MSP, like Network Synergy, would have heard about this issue and its associated update (or any issue/update, for that matter) and taken the actions needed to resolve it.

This is all done without the business needing to worry about handling any of it, freeing its internal staff to complete projects that generate profit, rather than work to maintain operations and security.
For more ways that an MSP can benefit your crew, reach out to us at 203.261.2201.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 20 February 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Mobile? Grab

QR-Code dieser Seite

Sign Up

  • First Name *
  • Last Name *

      Blog Categories

      Tech Support Managed IT Service Holiday Dark Web Social Media Managed Service Provider Internet File Sharing Upgrades IBM Remote Support Networking Mobile Computing Google Calendar Business Continuity Big Data Legal Firefox Smartphone 3D Electronic Medical Records App eWaste Settings Server Management Saving Money Law Enforcement Statistics Data Loss Government Business Growth Laptop IT Solutions Web Server Vendor Management Files Safety Mail Merge Risk Management Distributed Denial of Service Crowdfunding Macro GPS G Suite Environment Permissions Staff Analyitcs Data Backup Mirgation Virtual Desktop Recovery Private Cloud Data storage Fun Documents Best Practice Hacks Backups Customer Relationship Management Politics Memory Website Co-managed IT Password Wi-Fi Maintenance Google Wallet Hacking CrashOverride Internet of Things Regulations Alert WiFi Phone System iPhone Save Time Refrigeration IT Support Gaming Console Drones Conferencing Fraud Virtual Reality Internet Exlporer Innovation Black Market Buisness Windows 10 Knowledge Virus Scheduling Data Warehousing Gadget Deep Learning Typing Ransomware User Tips Superfish Managed IT Services Software Tips Tip of the Work Streaming Media Public Cloud Address Smartphones Congratulations Antivirus Microsoft Google Identities Security Wireless Network Congestion IT Management Unsupported Software IT Services Public Speaking Hosted Solution Staffing Training IT Technicians Cleaning Health Crowdsourcing LinkedIn Virtual Private Network Mobile Office User Error Net Neutrality Troubleshooting Administrator Domains Presentation Cybercrime Service-based Business YouTube Computing Food Business Management Scary Stories Consultation Personal Information HIPAA Time Management Licensing Sync Money Google Maps Social Engineering Notifications Google Docs Tracking Mobile Device Management Uninterrupted Power Supply Network Software Scam IT Consulting CIO Office Tips Legislation Proactive IT 3D Printing Secruity Display PDF Virtualization Touchscreen User Value Travel Meetings Relocation Miscellaneous Bluetooth Physical Security Work/Life Balance IT Consultant Android Running Cable Technology USB Malware Tutorials Unified Threat Management Apple Disaster Recovery Retail Consumers Social Networking Quick Tips Encryption Entrepreneur Telephony Social IT service Hiring/Firing Best Practices IT Support Communication Chromebook Webcam Augmented Reality Current Events How To Help Desk Unified Communications Inbound Marketing Webinar Vulnerability Bandwidth Downtime Computer Repair Alerts Taxes Hackers Efficiency SharePoint Corporate Profile Router Cloud Network Security Project Management Employer-Employee Relationship Writing Administration Charger Shortcut Passwords 5G Apps Multi-Factor Security Tip of the Week Disaster Resistance Windows 8.1 Update Computing Infrastructure Going Green Privacy VoIP Patch Management Printing Cameras Websites Twitter Gmail Law Firm IT Marketing Network Management Comparison Printer Programming Cost Management Productivity Identity Theft VPN Wireless Technology Phishing Unified Threat Management Cortana Cyber Monday Mobile Data Thank You Downloads Work Station Smart Technology Tip of the week Blockchain Education Computer Text Messaging PC Care Managed IT services Customer Service Data Experience Monitors Bitcoin Business Computing Mobile Device Avoiding Downtime Emoji Infrastructure Remote Monitoring Artificial Intelligence LiFi Facebook Outlook Hacker Solid State Drive Google Analytics Outsourced IT Mobile Devices Video Surveillance Technology Tips Cooperation Small Business Computers Windows 8 Servers Operations Digital Payment Competition BDR Motion sickness Two-factor Authentication Firewall Point of Sale Collaboration Techology Leadership Upgrade Data Recovery Workplace Tips Battery Processors Save Money Humor Lenovo Lithium-ion Battery Botnet Tablet The Internet of Things Remote Computing Computer Accessories IP Address Word History Mobility Productivity Hosted Solutions Alt Codes Spyware Machine Learning Mobile Security Email Halloween Logs Supercomputer Bring Your Own Device Trainging Wearable Technology Data Management Excel eBay Fax Server Company Culture Access Control Heating/Cooling Search Gadgets Samsung Data Breach Assessment Error Mouse CCTV Robot Trending Automobile Content Filtering Break Fix Paperless Office Print Server Application People Office Piracy Debate Spam Hardware PowerPoint IT budget Digital Signature Business Owner Cabling Mobile Technology Cybersecurity Skype Users Intranet Managed IT Start Menu Cloud Computing Microsoft Office Budget Office 365 BYOD Browser Google Drive Digital Windows 10 Document Management Flexibility communications Microsoft Excel Black Friday Hotspot Specifications Applications Sports SaaS Best Available Recycling End of Support Automation Backup Redundancy Computer Care Online Currency Chrome Data Security Server Telephone Systems Business Language Information Technology Technology Laws Hard Disk Drive Cryptocurrency Operating System Undo Compliance Disaster Nanotechnology Business Technology Windows Hard Drives Business Intelligence Saving Time Software as a Service

      Latest Blogs

      For the modern business owner or executive, making smart business decisions has become a necessity. Margins are small, efficiency is key, and if we were to be completely honest, bu...

      Latest News

      Our Site Has Launched!

      flag

      Welcome to Our New Site!
      We are proud to announce the unveiling of our new website at Network Synergy!

      Read more ...

      Contact Us

      Learn more about what Network Synergy can do for your business.

      callphone

      Call us today    203.261.2201

      Fax Number :    203-261-2935

      126 Monroe Turnpike
      Trumbull, Connecticut 06611

      facebook twitter linkedin #youtube