Meltdown and Spectre
In 2017 computer researchers found a hardware design flaw in the processor inside most of our computers and servers. They made their findings public in January of 2018. The flaw has been there for years.
This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system. This hardware bug breaks that isolation.
So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. There are also some papers that suggest that this exploit can run in a browser such as Internet Explorer or Chrome. Not good.
So what’s the solution?
All computers need to be updated and patched. Microsoft expects to release a patch on January 9th. Google has announced that it expects to have a patch ready for Chrome January 23rd.
The important thing for you to know is that this isn’t an issue on your computer unless malicious software gets installed. You need to be on the watch for emails and websites that try to trick you in to installing malicious programs.
If you would like some security awareness training where you learn how to spot their tricks, please contact Extra Mile Technology Services.