What you need to know about the Meltdown and Spectre vulnerabilities

Computer hacking

You may or may not have heard about the new “hacks” or “vulns” for most Windows and Mac computers – but if you haven’t,  you want to make sure that you find out.  Before you get some bad information and do something that could expose you, your computers, tablets, and smartphones, as well as your data to these exploits.  The most important thing you’d need to know right now is that malware (software with bad intentions) would have to installed locally on your devices to be exposed to these risks.  Either by someone else or you under false pretenses.  So BE CAUTIOUS when installing new software until the proper security updates can be delivered by your OEM of choice (Microsoft, Apple, or any of the smartphone makers)  More details follow after the jump.

Two different vulnerabilities are identified here:  one called Meltdown and the other called Spectre.  Right now, what is believed is that only devices with Intel processors are exposed to Meltdown.  This is basically any Mac device from Apple and other select PC products that have “Intel inside” – Spectre appears to impact a much larger group of devices, because Intel chips as well as AMD and ARM processors are affected.  This includes things like tablets and smartphones as well as personal computers.  Its kind of a big deal.

The nuts and bolts are rather complicated, but the key points are:

  1. The vulnerabilities are hardware based, so its the chip inside your device that is what’s at risk – this is bigger than just “bad software” or “virus” that might harm your computers (some of you may remember things like WannaCry or Heartbleed)
  2. The risks were discovered several months ago, and the entire technology industry has been working since to get these issues mitigated (because of the nature of hardware involved, things can be “patched” but not outright “fixed” until the new generation of processors comes to life in next generation devices

Your computer IS at risk – if you bought it within the last decade.  Other devices are too, like your tablets, smartphones, and other smart devices (pretty much everything runs on either an Intel system on chip or on an ARM based chip) so there is some exposure here.  BUT – the ability to take advantage of it is confined to software running on your device – and it can only get there if you allow it to.  So I urge caution when installing any new software on your PC, Mac, tablet, or phone, and make sure its only from sources you trust 100%.  If you don’t, don’t do it.  Its as simple as that.

All OEMs are in the process of getting the patches needed to address the issues (according to the report I heard macOS High Sierra is already patched for this) but its not over yet.  If you want to get more details and go inside baseball, check out this podcast from Rene Ritchie from iMore – he discusses the scenarios in depth and its only about 25 minutes in length.  You should also check out this article from Tom Warren at the Verge – he’s got a bit more info on the specific ways to protect yourself as well.

Be safe everyone – its a wild start to 2018 already.

 

 

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s