New year, new cyber threats
It was just 3 days into 2018 and new ‘exploits’ attacks have been reported affecting microprocessors from all the major manufacturers. The exploits work off vulnerabilities in microprocessors that will allow kernel memory to be accessed, allowing all data in memory to be viewed or copied.
These vulnerabilities have been dubbed Meltdown (1 reported) and Spectre (2 reported). Some details on the vulnerabilities explained below.
Meltdown
- Only Intel CPUs have been identified to have this vulnerability
- Leaked memory can store private and sensitive information such as passwords and credit card into
- Microsoft has released patches through Widows update to mitigate exposure
Spectre
- Report to affect almost all CPU manufactures
- Intel is the most hard hit but 3rd party testing has also confirmed AMD and ARM CPUs have the vulnerabilities
- Ready to run JavaScript exploits were created as soon as the 4th of January
- Microsoft has released patches through Widows update to mitigate exposure
While it is difficult to trace whether you have been hit by this exploit due to the way these applications would function, we have not been able to find any reports
Microsoft has offered some advice that will help protect against attacks:
- Make sure your antivirus software is up to date.
- Keep your device up to date.
- Check that you’ve installed the January 2018 Windows operating system security update from Microsoft. If automatic updates are turned on, the updates should be automatically delivered to you, but you should still confirm that they’re installed.
- Install any firmware updates from your device manufacturer.