Spectre-Meltdown vulnerabilities

You’ve undoubtedly heard in the news about the recently found security vulnerabilities called Spectre and Meltdown. What’s this all about? Basically, computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It's really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost everything out there. This hardware bug allows malicious programs to steal data that is being processed in your computer's memory. Normally, applications are not able to do that because they are isolated from each other and from the operating system. This hardware bug breaks that isolation. If you want to read a non-technical explanation of the exploit, you can find one at https://blog.cloudflare.com/meltdown-spectre-non-technical/.

So, the theory is that if the bad guys are able to get malicious software running on your computer, and know how to exploit this vulnerability, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good. While we don’t want to downplay the possible seriousness of these vulnerabilities, it’s important to understand that to date there are no known actual exploits of these vulnerabilities. That means that, from what professionals know, no one has actually used these vulnerabilities yet to gain access to information. Granted, now that the exploit is out, it’s a matter of time before the bad guys start to make use of it.

While patches are being pushed out to prevent these types of attacks, it was determined that many antivirus products can’t handle them, causing systems to lock up or to not boot altogether.

So, What Are We Doing About This?

We need to update and patch all machines for any customers that are part of our Sentinel Managed Service plan. We’re already working on this, but it is going to take some time. As these patches become available, just like with any patch, we will install them on our “Test” group systems (a select set of computers including our own computers) to ensure there are no adverse effects from installing them. Once we’ve successfully run them without issues for a week, they then get pushed out to the “Pilot” group (a larger group of machines including all computers on our Gold plans). After running a week on the “Pilot” group without issue, they then get pushed to the “Production” group (includes any Platinum customer machines).

The good news is that any Sentinel client will be running Webroot (our AV product of choice) which is already compatible with the patches that have been released.

Over the next couple of weeks, we’ll be automatically deploying these patches to your systems, as outlined above, which is part of our regular patching services.

In the meantime, we need you to be extra vigilant: keep security top of mind, and think before you click.