On January 3, 2018 two new computer vulnerabilities dubbed "Meltdown" and "Spectre" were announced. The vulnerabilities had been discovered by several security researchers over a year and a half ago however the discovery had been kept secret so that hardware manufacturers could develop strategies to deal with them. What makes these vulnerabilities unusual is that they target the processor...the "brain" of your computer. At this point most, if not all, computers are capable of being compromised by cyber criminals running code that takes advantages of these security weaknesses.
The good news is that the sky is not falling and that patches to protect systems against these vulnerabilities either have been developed and distributed or will be in the very near future.
This vulnerability is getting a lot of attention at the moment and will for the next while. While this is not an emergency situation, your vigilance is required. Here's what to do:
Work Computer
We’ll take care of ensuring that our Operating Systems are patched etc. Nothing is required of you unless we specifically reach out to you with a request (i.e. If you have a laptop, we might ask that you bring it in to dock it by a certain date or what-have-you).
Home computer
Standard maintenance or precautions that you are probably doing anyway, such as:
- Ensure your OS patches are up to date
- Ensure your anti-virus software is up to date. OS patches may not install if your anti-virus is not up to date.
- Don’t open attachments from unknown sources
- Be cautious about which websites you visit
- Don’t run or download unexpected content from email or websites
- Check the website of the manufacturer of your computer to see if they offer any specific suggestions/advice
We anticipate that there will be a lot of false information or exploit attempts circulating with respect to these vulnerabilities. The manufacturer of your hardware and operating system are the best sources of information as to how you can protect yourself from these vulnerabilities.