Contact us today!
(800) 588-4430

Telesys Voice and Data Blog

Telesys Voice and Data has been serving the Richland Hills area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

ALERT: Make Sure Your Business is Safe from Meltdown and Spectre

ALERT: Make Sure Your Business is Safe from Meltdown and Spectre

Intel recently found itself (once again) in hot water, mere months after many flaws were discovered in the firmware that enables all of their chips to do their job. This time, the issue could have potentially caused a permanent dip in the CPU’s capacity to function properly. This has come to be known as the Meltdown vulnerability.

This issue was first reported in a blog maintained by an unknown user identified only as Python Sweetness, who summed up what they described as “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.”

In other words, a bug had been discovered that messed with how different programs could interact with the CPU. Normally, the CPU has two modes: kernel, which allows complete, carte blanche access to the computer itself, and user, which is supposed to be the ‘safe’ mode. The issue that Python Sweetness discovered was that the bug allowed programs that were run in user mode to access kernel mode. This could potentially open the door for malicious programs and malware to access a user’s hardware itself and see anything that’s going on in protected memory space, meaning programs could gain access to memory being used by other programs, or in the case of virtual machines they could cross-talk between VMs as well.

Fortunately, a fix has been developed that will likely only cause a 2% dip in system performance, a greatly lesser sacrifice than what was initially expected. Originally, it was assumed that entire processes would be shifted from user mode to kernel mode and back again, slowing the entire system down considerably. There has since been a Windows update to mitigate the CPU issue, despite the expectation that it would take a hardware change to implement it.

For PCs with Windows 10 installed, and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892), or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

If you have an Android device, there was an update on January 5 that provided mitigations, with the promise of further updates to add to these protections. Google-branded phones, including the Nexus and Pixel lines, should have already received the patches, and other Android phones may have as well. It is something that you should check, and if you haven’t received an update yet, reach out to your carrier and ask why (posting publicly can get you extra points).

An update to Google Chrome is expected on January 23, with other browsers following suit, that will also include mitigations. In the meantime, ask your IT resource to help you activate Site Isolation to help keep a malicious website from accessing your data from another tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

Issues like these are exactly why businesses need a managed service provider looking out for them. An MSP, like Telesys Voice and Data, would have heard about this issue and its associated update (or any issue/update, for that matter) and taken the actions needed to resolve it.

This is all done without the business needing to worry about handling any of it, freeing its internal staff to complete projects that generate profit, rather than work to maintain operations and security.
For more ways that an MSP can benefit your crew, reach out to us at (800) 588-4430.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Saturday, 18 August 2018
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Blog Archive

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!

Free Consultation
 

Tag Cloud

Security Tip of the Week Technology Cloud Best Practices Hackers Malware Privacy Business Computing Productivity Business Email Microsoft Internet Hosted Solutions Software Windows 10 Backup Managed Service Provider Computer IT Services Ransomware Network Security Mobile Devices Android Smartphone Managed IT services User Tips Workplace Tips Social Media Hardware Google IT Support Outsourced IT Browser Communication Disaster Recovery Innovation Business Continuity Efficiency Data Data Management App Data Backup Smartphones Holiday Cloud Computing Small Business Business Management Office Upgrade Office 365 Microsoft Office Network Windows Internet of Things Facebook Remote Monitoring Data Recovery Miscellaneous WiFi Server Artificial Intelligence Gmail Big Data Encryption Spam Productivity Unified Threat Management Bandwidth Firewall Password Apps Robot Save Money Paperless Office Phishing Hosted Solution Recovery Tech Term Risk Management Apple Cybersecurity Avoiding Downtime Managed IT Services Word Hacker Mobile Device Management Customer Service How To Content Filtering Saving Money Government Remote Computing Money Infrastructure Work/Life Balance Wi-Fi Customer Relationship Management Office Tips Chrome Tip of the week Passwords Employer-Employee Relationship Document Management Analytics Vendor Management Data Security Health The Internet of Things Applications IT Support Computers Alert Hacking Mobile Computing Data storage Tech Support Computing IT Management Education Operating System Cybercrime Antivirus Virtual Reality Mobile Device VoIP Managed IT Business Growth Data loss SaaS Presentation BYOD Social Website BDR Outlook Windows 10 Compliance Telephone Systems File Sharing Two-factor Authentication Settings Monitors Best Practice Politics Travel Lithium-ion battery VPN Business Owner Identity Theft Google Drive Automation Websites Physical Security Augmented Reality Going Green Virtual Private Network Smart Technology Marketing Taxes Assessment IBM HIPAA Running Cable Server Management Botnet Printing Router Mobile Security Samsung Competition Licensing Maintenance Bring Your Own Device Search Digital Payment Sports Storage Information Technology IT service Cortana Humor Virtualization Computer Care Administration Project Management Analyitcs Training IT solutions Safety Business Technology Wireless Technology Tablet Automobile Upgrades Wireless Budget Downtime End of Support Specifications communications Mouse YouTube Collaboration Unified Communications User Patch Management Scam Legal LiFi Regulations Retail Vulnerability Twitter Fleet Tracking VoIP streamlines Operations Heating/Cooling Legislation Hard Disk Drive Current Events Social Networking DFW IT Service Hard Drives Net Neutrality G Suite Firefox Processors Laptop Enterprise Resource Planning Virtual Desktop Asset Tracking business network infrastructure Wearable Technology Servers Motion Sickness Motherboard Refrigeration Techology Internet Exlporer Supercomputer Halloween Google Docs Mobile Writing data services PowerPoint Software as a Service Help Desk Deep Learning Personal Information Fun Mail Merge Distributed Denial of Service Consumers Disaster Resistance IT Consultant Consultation IT Budget Scary Stories Vulnerabilities Social Engineering User Error IT Technicians Statistics Technology Tips Machine Learning Meetings Computer Repair Modem Address Managed IT Service Undo Proactive IT Hotspot Cleaning Notifications Geography eWaste IP Address Mirgation Bluetooth Comparison Relocation Software Tips IT Sevices Webcam Corporate Profile Alt Codes Electronic Medical Records Google Wallet Cookies Redundancy Break Fix Cables IT Consulting Language Quick Tips Printer Crowdsourcing Dark Data Environment Mobile Office Migration Black Friday Private Cloud Dark Web Point of Sale WannaCry Typing Drones Nanotechnology Wires Data Breach Computing Infrastructure Time Management Access Control Buisness Cabling Troubleshooting Chatbots Cyber Monday Error Data Warehousing Cryptocurrency Knowledge IoT MSP Technology Laws Alerts Network Management SharePoint Identity Phone System flu season Lenovo Microsoft Excel Web Server VoIP Bitcoin Update Staffing Experience Utility Computing Proactive Unified Threat Management Cooperation Touchscreen Downloads Administrator Disaster 3D Printing Shortcut Fort Worth Superfish Blockchain Cameras Digital Windows 8 Chromebook GPS Healthcare Network Congestion Remote Monitoring and Management Domains business communications systems Staff Multi-Factor Security Law Enforcement Google Maps Uninterrupted Power Supply Unsupported Software 5G Entrepreneur flu shot Application Permissions CCTV Spyware Emoji Tracking Cost Management Users Display WPA3 Public Speaking Internet Protocol Flexibility Google Calendar Gadget Solid State Drive Mobile Data iPhone Hacks Fort Worth IT Networking Fraud How To Management

Top Blog

Don't be Afraid to Replace Got an older PC that's causing you a lot of issues? Older technology is typically more expensive to run, and after a while, it's cheaper to simply buy a new desktop than it is to continue pouring money into something that always seems broken. It's a great time to buy wo...
QR-Code