Talk around our office at Bayou Technologies has centered a lot recently over concerns and remedies in regard to the new ‘Meltdown’ vulnerability. Kevin Herrick, one of my employees, submitted the following spot-on commentary to me. As I feel I couldn’t have stated it better myself, I wanted to share this important info with you as written by Kevin:
Last week we learned about the Meltdown and Spectre vulnerabilities in virtually all modern CPUs. In the aftermath, we have seen a lot of finger pointing and some misinformation by companies affected. What we will attempt to do is clear up some of the confusion surrounding this topic.
The reason there is so much confusion is most likely because while we think of “computers” as a general term, there are important differences between manufacturers and developers. This is compounded by the fact there are two different vulnerabilities which have similar effects. This has led people to believe they are one in the same which is not the case. The core issue is located on the physical CPU, but Microsoft has rolled out an update that, while mitigating the security flaw, has degraded system performance on many computers. When users apply the firmware update performance could take another hit. However, it is important that everyone apply all security updates, but users on older computers will feel that performance decrease the most.
People now want to know what they can do to protect themselves against this ongoing threat. First, applying updates for your OS is critical. Microsoft, Apple and Linux have all released some form of patch or fix. The second step will be to update your anti-virus program. If your anti-virus is compatible, this should occur automatically if updates are enabled. The number of companies with compatible updates is increasing daily. Lastly, apply firmware updates to your devices. Firmware updates will come directly from your device manufacturer such as Intel, HP, Dell, Samsung, Apple, etc.
Meltdown affects virtually all devices made in the past 10 to 15 years. As of now, the biggest impact has been the degradation of system performance on devices which have the latest updates. Microsoft has suspended updates for some AMD processors due to many older systems crashing after the patch is applied. So how does this currently affect the end user? As of now, without a known exploit to the vulnerability, you are safe regarding security. However, this could change quickly as new exploits are released daily. While system performance could take a hit, it is essential to apply the latest updates. It is also important to understand the difference between a ‘vulnerability’ and an ‘exploit’. A vulnerability is a weak point in a system which can be taken advantage of by an exploit. Think of the vulnerability as an unlocked door, while the exploit would be the person with unauthorized access. With this vulnerability being so widespread, and new information being released daily, the importance of having a trustworthy, reliable partner for your IT needs and information is imperative. Contact us at Bayou Technologies if you need further assistance with this or any other computer questions you might have.