Meltdown & Spectre


Earlier this week, two critical vulnerabilities named Meltdown and Spectre were discovered that can allow malicious hackers to gain access to privileged data such as passwords or personal information.

What is Meltdown & Spectre?

Vulnerabilities and viruses are often given nicknames, perhaps to make them seem 'friendlier' or to simply make them easier to reference. The technicalities of Meltdown and Spectre are not as important as what they potentially allow malicious hackers to gain access to. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to access information stored in the memory of other running programs. This might include passwords stored in a password manager or browser, photos, emails, instant messages and even business-critical documents.

Who does this impact?

These vulnerabilities affect the most common CPUs from manufacturers such as Intel, AMD, and ARM. Unfortunately, as these CPUs are found in the majority of computers, smartphones, tablets, and other computing devices found in most homes and offices, this cyber threat has far-reaching implications regardless of the device manufacturer or operating system.

What is Fully Managed doing to protect you?

The Fully Managed Private Cloud is already undergoing testing of the necessary updates to the virtualization operating system and will be fully updated within the next 48 hours. The ability to have Fully Managed update an entire cloud environment, providing fast protection against such security risks, is another major advantage of having server environments hosted in the Fully Managed Private Cloud.

All clients of Fully Managed, including servers and workstation environments are covered by industry-leading security software, which employs artificial intelligence to monitor each computer for suspicious activity. This suspicious activity includes protecting against viruses and malware which may be utilized to deliver code relevant to exploiting the Meltdown & Spectre vulnerabilities.

Fully Managed security specialists are monitoring software manufacturers for updates to operating systems and web browsers as these are the main known attack vectors for the Meltdown and Spectre vulnerabilities. As soon as relevant patches are made available, we are working to update client environments where required.

What steps can you take right now to reduce your risk?

  1. Watch your email.
    Check the name and domain of emails that you receive. Ensure you know who the email is coming from before you open it, and always be wary of links within emails. Never click a link without knowing where it goes!

  2. Browse with caution.
    Be aware of the websites you’re visiting and watch for URLs that seem strange. Reputable businesses typically have simple addresses that match the business name. Once you’re on the website, watch the links you’re clicking on. Even ads on reputable websites can be a source of malware as hackers take advantage of third-party advertising platforms to serve up malicious ads next to legitimate ones.

  3. Keep everything up-to-date.
    As a Fully Managed client, we ensure updates are being run on all major software and applications, but it’s important to not skip updates on your home computer and other devices. Pay particular attention to your web browsers, as they send and receive information from the internet and should always be kept updated.

Fully Managed clients can contact Client Support 24 hours a day, 7 days a week for help with this or any other technical issue.

If you are concerned about the impact of these newly discovered exploits, and would like to discuss how a multi-layer security solution can increase your protection against these and future security risks, contact us today.