We would like to bring to your notice the following important update:
Meltdown and Spectre: CPU Security Vulnerabilities
You’ve probably already read about one of the most widespread security issues in modern computing history — colloquially known as “Meltdown” (CVE-2017-5754) and “Spectre” (CVE-2017-5753 and CVE-2017-5715) — affecting practically every computer built in the last 20 years, running any operating system.
What are Spectre and Meltdown?
Spectre and Meltdown are the names of the flaws found in a number of processors from Intel, ARM and AMD that could allow hackers to access passwords, encryption keys and other private information from open applications.
The flaws, found by a number of people including a member of Google’s Project Zero, are sending shock waves through the IT world. Namely, it was revealed that they had been present in chip designs for over 20 years, and that they affect a number of companies’ processors, meaning the flaws could be found on a huge number of devices, from PCs to web servers and even smartphones.
Should you be worried?
So far it doesn’t look like the Spectre or Meltdown flaws have been used in an attack, and device manufacturers are working with Intel, ARM and AMD to fix these flaws.
Intel has claimed that the exploits can’t corrupt, modify or delete data. While it’s good to see companies set aside their differences to find a fix for these flaws, it has emerged that one flaw, Spectre, may need a processor redesign to fix.
However, this does mean that future processors should be free from the Spectre and Meltdown security flaws. So, don’t be too alarmed, but keep an eye on any updates your device offers, and follow our advice on how to protect against the Meltdown and Spectre CPU security flaws.
In the meantime, we are applying the available patches for the operating systems we are using.