Update on the Meltdown / Spectre Threat

Recently, security researchers at Google uncovered a pair of security exploits that could allow an unauthorized third party to access chip memory, which holds sensitive information like passwords and cached files. The two vulnerabilities – referred to as Meltdown and Spectre – put almost all computers, laptops, servers and smartphones utilizing chips made by Intel as well as other manufacturers, at risk. There is as of yet no evidence that these vulnerabilities have been exploited, but the problem is alarming because so many devices could be affected.
What’s the Impact?
Intel processors built after 1995 are reportedly affected by Meltdown, while Spectre affects devices running on Intel, AMD, and ARM processors. This includes MAC and Android devices. Meltdown is related to the way privileges can be escalated, while Spectre entails access to sensitive data that may be stored on the application’s memory space.
The potential impact is far-reaching: desktops, laptops, and smartphones running on vulnerable processors can be exposed to unauthorized access and information theft. Cloud-computing, virtual environments, multi user servers – also used in data centers and enterprise environments – running these processors are also impacted.
Do I Need to Worry?
If you are a BlueCentral Managed Services client, you are already protected in many ways. The team at Midnight Blue keeps a close eye on the latest in network security, including any new threats to your business’s data or patches that need to be implemented. We’ll do whatever it takes to keep your business’s technology as secure and up to date as possible. Regarding the Meltdown / Spectre threat:
– All Microsoft security patches and updates have already been pushed to your PCs. As usual, please make sure to leave PCs turned on every Tuesday and Friday night, even when you are mobile, so that they can receive updates.
– While this is not a virus issue, your Trend Micro endpoint protection has already been updated automatically to help protect against all known exploits.
– The SonicWALL Capture Threat Research team has evaluated these vulnerabilities and determined that SonicWALL firewalls are not vulnerable to Meltdown or Spectre. Additionally, all SonicWALL security appliances supported by the Midnight Blue team have active subscriptions that protect against viruses, malware, and other exploits.
Rest assured that Midnight Blue has your back! If you have any questions or concerns, please let us know.
The Team at Midnight Blue