Spectre-cular Meltdown
The world was shaken last week by a gloomy announcement: two security flaws were discovered that affect computers and devices down to the CPU level. Original news claimed they only affect Intel chips. Intel then said AMD and ARM-based chips are affected as well. A few admittance and denials later, one thing remained clear: the security flaws need to be dealt with ASAP.
Meltdown and Spectre are in Wikipedia if you want to read more about them. Experts are in the opinion that Meltdown is patch-able at the OS and firmware level. On the other hand, Spectre seems to require a hardware fix/replacement. As of this writing, there are varying opinions on the matter, but the general contention is that Spectre would be the hardest to resolve.
What's really daunting here is that these security flaws are attributed at the firmware and hardware level. It's not just an application or an OS software with a programming bug. These flaws are on the very components that the OS and applications themselves are suppose to run reliably on.
Hardware, OS and application manufacturers and vendors are actively issuing fixes and, likewise, managing customer expectations. Information campaigns about known and unknown issues are getting published. The impact is big. And serious. Businesses and consumers around the world must update their servers, computers and devices with the latest firmware, OS, web browser and other software patches. ISPs, data centers and cloud infrastructures must do the same. To help prevent attacks, everyone should have active and updated anti-virus and anti-malware software.
So far, the immediate actions are focused on servers, computers and devices -- the obvious computing products. The next concerns can be about possibly updating affected smart wearables, smart homes/appliances (IoT, refs, TVs, speakers, etc.), smart vehicles and even smart modems/routers as well.
Everyone's cooperation is needed to install the security fixes/patches offered by their hardware manufacturers and software vendors, who were mostly ready as soon as the announcement was made public last week. Expect a series of fixes, patches and updates related to these issues in the next few weeks and months. Be aware. Stay informed. And act accordingly.
Meltdown and Spectre are in Wikipedia if you want to read more about them. Experts are in the opinion that Meltdown is patch-able at the OS and firmware level. On the other hand, Spectre seems to require a hardware fix/replacement. As of this writing, there are varying opinions on the matter, but the general contention is that Spectre would be the hardest to resolve.
What's really daunting here is that these security flaws are attributed at the firmware and hardware level. It's not just an application or an OS software with a programming bug. These flaws are on the very components that the OS and applications themselves are suppose to run reliably on.
Hardware, OS and application manufacturers and vendors are actively issuing fixes and, likewise, managing customer expectations. Information campaigns about known and unknown issues are getting published. The impact is big. And serious. Businesses and consumers around the world must update their servers, computers and devices with the latest firmware, OS, web browser and other software patches. ISPs, data centers and cloud infrastructures must do the same. To help prevent attacks, everyone should have active and updated anti-virus and anti-malware software.
So far, the immediate actions are focused on servers, computers and devices -- the obvious computing products. The next concerns can be about possibly updating affected smart wearables, smart homes/appliances (IoT, refs, TVs, speakers, etc.), smart vehicles and even smart modems/routers as well.
Everyone's cooperation is needed to install the security fixes/patches offered by their hardware manufacturers and software vendors, who were mostly ready as soon as the announcement was made public last week. Expect a series of fixes, patches and updates related to these issues in the next few weeks and months. Be aware. Stay informed. And act accordingly.
Comments
Post a Comment