Alert: Meltdown and Spectre – Critical Vulnerability Advice
Attention: Anyone with a computer, smartphone or tablet – yes, you!
There has been a lot of publicity since the start of 2018 about two security flaws known as Meltdown and Spectre, which are of high risk to most computer and mobile users, relating to a bug in the central processing unit.
Meltdown and Spectre are extremely serious vulnerabilities that allow programs to steal information that is stored in the memory of your computer. Normally programs are isolated from each other and aren’t allowed to read data from other software on your computer without permission, however, it has become apparent that a flaw enabling this is present in most computer processors. This means that passwords and other sensitive data can be obtained and used without your knowledge.
Nearly every device, whether it be a laptop, desktop, a mobile device including smartphones and tablets, or cloud software is affected by this risk, and you will not be able to tell if someone is taking advantage of Meltdown or Spectre on your device. Antivirus software does not protect users against these and so a patch must be installed to protect against these vulnerabilities.
There is no proof yet that malicious activity has occurred as a result of Meltdown or Spectre, however, it is essential that action is taken as soon as possible to protect your data and privacy.
What we’re doing for our clients:
If you are on an activCare essentials service plan, we will review your environment and advise you if any action is required, however, in most cases your systems should be up to date shortly without any substantial intervention from us.
For activCare plus and premium clients, we will review your environment and take action where it is required to keep your systems as safe as possible over the coming days. You do not need to do anything other than sit back and relax.
If you have engaged us in an ad hoc or break-fix fashion (and don’t have a service plan with us), it is very likely your environments will need IT intervention to mitigate this very serious risk; please contact us at firstname.lastname@example.org if you would like us to review your environment and formulate an action plan with you.
What you can do:
- Be extremely vigilant with email attachments, websites you visit, and files you download – more so than normal – and pass this on to your office colleagues urging them to do the same.
- For any of your devices, ensure that you have installed the latest available updates. Windows, Apple and Google have all recently released updates which will help protect a range of devices from Meltdown and Spectre, with more patches on the way for other devices.
Be extremely careful and ensure you back up all of your files on your smartphones, such as photos and videos, as we have seen many cases of updates breaking Apple iPhones and losing data within.
We love that you’re interested in cyber security, so please check out these pages for more information. Most of it is in plain English 🙂
- Meltdown and Spectre
- How to explain Meltdown and Spectre to your C-level and employees
- Meltdown and Spectre FAQ
This is a complex but very serious matter – please do not hesitate to contact us on 1300 228 480 or email@example.com if you have any questions!