Contact us today!
(800) 588-4430

Telesys Voice and Data Blog

Telesys Voice and Data has been serving the Dallas/Fort Worth area since 1994, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

ALERT: Make Sure Your Business is Safe from Meltdown and Spectre

ALERT: Make Sure Your Business is Safe from Meltdown and Spectre

Intel recently found itself (once again) in hot water, mere months after many flaws were discovered in the firmware that enables all of their chips to do their job. This time, the issue could have potentially caused a permanent dip in the CPU’s capacity to function properly. This has come to be known as the Meltdown vulnerability.

This issue was first reported in a blog maintained by an unknown user identified only as Python Sweetness, who summed up what they described as “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.”

In other words, a bug had been discovered that messed with how different programs could interact with the CPU. Normally, the CPU has two modes: kernel, which allows complete, carte blanche access to the computer itself, and user, which is supposed to be the ‘safe’ mode. The issue that Python Sweetness discovered was that the bug allowed programs that were run in user mode to access kernel mode. This could potentially open the door for malicious programs and malware to access a user’s hardware itself and see anything that’s going on in protected memory space, meaning programs could gain access to memory being used by other programs, or in the case of virtual machines they could cross-talk between VMs as well.

Fortunately, a fix has been developed that will likely only cause a 2% dip in system performance, a greatly lesser sacrifice than what was initially expected. Originally, it was assumed that entire processes would be shifted from user mode to kernel mode and back again, slowing the entire system down considerably. There has since been a Windows update to mitigate the CPU issue, despite the expectation that it would take a hardware change to implement it.

For PCs with Windows 10 installed, and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892), or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

If you have an Android device, there was an update on January 5 that provided mitigations, with the promise of further updates to add to these protections. Google-branded phones, including the Nexus and Pixel lines, should have already received the patches, and other Android phones may have as well. It is something that you should check, and if you haven’t received an update yet, reach out to your carrier and ask why (posting publicly can get you extra points).

An update to Google Chrome is expected on January 23, with other browsers following suit, that will also include mitigations. In the meantime, ask your IT resource to help you activate Site Isolation to help keep a malicious website from accessing your data from another tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

Issues like these are exactly why businesses need a managed service provider looking out for them. An MSP, like Telesys Voice and Data, would have heard about this issue and its associated update (or any issue/update, for that matter) and taken the actions needed to resolve it.

This is all done without the business needing to worry about handling any of it, freeing its internal staff to complete projects that generate profit, rather than work to maintain operations and security.
For more ways that an MSP can benefit your crew, reach out to us at (800) 588-4430.

Comments

 
No comments yet
Already Registered? Login Here
Guest
Wednesday, 20 November 2019
If you'd like to register, please fill in the username, password and name fields.

Captcha Image

Free Consultation

Sign up today for a
FREE Network Consultation

How secure is your IT infrastructure?
Let us evaluate it for free!

Sign up Now!

Free Consultation
 

Tag Cloud

Security Tip of the Week Technology Cloud Best Practices Business Computing Hackers Malware Privacy Email Productivity Business Hosted Solutions Microsoft Network Security Software Internet IT Services Computer Windows 10 Data Backup Productivity Managed Service Provider Ransomware Innovation Backup Outsourced IT Mobile Devices Business Continuity Hardware Smartphone Google Android Upgrade Efficiency User Tips Data Recovery Managed IT services Disaster Recovery Social Media Data Browser Communication IT Support Workplace Tips Small Business Cloud Computing IT Support Managed IT Services Business Management Smartphones Data Management App Server Miscellaneous Holiday Microsoft Office Internet of Things Phishing Office Remote Monitoring communications Office 365 WiFi Windows Network Paperless Office Facebook Password VoIP Tech Term Spam Passwords Artificial Intelligence Gmail Big Data Save Money Cybersecurity Apps Encryption Employer-Employee Relationship Customer Relationship Management Risk Management Unified Threat Management Windows 10 Apple Bandwidth Document Management Firewall Robot Collaboration Hosted Solution Recovery Saving Money Remote Computing Wi-Fi Office Tips Vendor Management Compliance Analytics Managed IT Infrastructure Chrome Word How To Hacker Tip of the week Avoiding Downtime Government Money Customer Service Content Filtering Mobile Device Management Work/Life Balance Operating System Downtime File Sharing IT Management Presentation Business Growth Healthcare Mobile Device Antivirus Redundancy Automation Going Green Two-factor Authentication Outlook Settings Managed Service Alert Project Management Data loss BDR Printing Data storage Business Technology Windows 7 The Internet of Things Computers Computing Applications Telephone Systems Health Virtual Reality Training Hacking Education Mobile Computing SaaS BYOD Vulnerability Cybercrime Tech Support Help Desk Data Security Social Website Twitter Politics Monitors YouTube Travel Unified Communications Google Drive Websites Specifications Physical Security LiFi Tablet Taxes Regulations Botnet User Samsung Augmented Reality Meetings Net Neutrality Retail Storage Proactive Running Cable Smart Technology Best Practice IBM Lithium-ion battery Software as a Service Business Owner Remote Monitoring and Management Computer Care HIPAA Router Search Mobile Security Bring Your Own Device Patch Management Marketing Sports Solid State Drive IT service Scam Identity Theft Cortana Virtualization Automobile Competition Upgrades Administration Budget VPN End of Support IT solutions Assessment Laptops Information Technology Safety Mouse Licensing Access Control Server Management Virtual Private Network Humor Wireless Technology Consultation Wireless Digital Payment Legal Analyitcs Display Maintenance Utility Computing Microsoft Excel Disaster Resistance Troubleshooting Mobile Data Windows Server Hacks Cables Cooperation Downloads Windows 8 Bluetooth Fort Worth Address Corporate Profile Professional Services Domains Monitoring Entrepreneur Blockchain Proactive IT Quick Tips User Management Phone System Current Events 5G History Cyberattacks Application Wires G Suite Staff Processors Multi-Factor Security flu shot Users WannaCry Virtual Assistant Public Speaking Electronic Health Records Cost Management Motion Sickness Permissions IT Consulting Time Management Batteries Google Calendar Mobility Google Docs Cabling Bookmarks Flexibility Fort Worth IT Writing Voice over Internet Protocol Staffing Hard Drive Fraud Data Breach Personal Information Network Management Remote Work Legislation Laptop Favorites Hard Drives MSP IT Consultant Operations Social Networking Machine Learning DFW IT Service Social Engineering Virtual Desktop VoIP GPS Google Maps Recycling Technology Laws iPhone Computer Repair Touchscreen File Management Halloween Disaster Conferencing Refrigeration Cleaning Wearable Technology Notifications Motherboard Relocation Lenovo Digital Manufacturing Tracking Fun Management Webcam Internet Exlporer Unified Threat Management Electronic Medical Records Deep Learning Telephone Google Wallet Shortcut Dark Data Scary Stories Uninterrupted Power Supply Employees Crowdsourcing Private Cloud Distributed Denial of Service Superfish Spyware Gadgets Enterprise Resource Planning Point of Sale business communications systems data services Mobile VoIP Drones Technology Tips Zero-Day Threat Undo WPA3 IT Technicians Modem Error Managed IT Service How To Proactive Maintenance PowerPoint IP Address Mobile Hotspot Internet Protocol User Error Alt Codes Heating/Cooling Comparison Consumers Hard Disk Drive Backup and Disaster Recovery Fleet Tracking Mirgation Cookies Break Fix Networking Firefox Processor Mobile Office Supercomputer Company Culture Web Server Language VoIP streamlines Update Printer Typing Servers Black Friday Buisness RMM Asset Tracking Migration Nanotechnology Administrator Dark Web eWaste 3D Printing IT Budget Knowledge IT Sevices Vulnerabilities Cameras Computing Infrastructure business network infrastructure Chromebook Cryptocurrency Law Enforcement Cyber Monday Network Congestion Procurement Remote Workers Chatbots IoT Data Warehousing Techology Environment Unsupported Software Active Directory Experience Software Tips Geography CCTV Alerts Emoji SharePoint Bitcoin Statistics Gadget flu season Mail Merge Remote Worker Information Identity

Top Blog

Don't be Afraid to Replace Got an older PC that's causing you a lot of issues? Older technology is typically more expensive to run, and after a while, it's cheaper to simply buy a new desktop than it is to continue pouring money into something that always seems broken. It's a great time to buy wo...
QR-Code