Meltdown & Spectre: Intel/AMD/ARM/Apple CPU Vulnerabilities

Author:
Art Williams
Art WilliamsPrincipal / Chief Information Officer
Security, Web Development
Meltdown & Spectre: Intel/AMD/ARM/Apple CPU Vulnerabilities

In recent weeks, the news has broken that most modern CPUs (the brains of our computing devices) have hardware vulnerabilities that allow a malicious program to steal data in the device’s memory. These vulnerabilities, named Meltdown and Spectre, are unique in that they break down the built-in barriers that secure data on the most fundamental component of any computing device, the CPU.

Who is impacted? Everyone.

The devices impacted by Meltdown and Spectre include desktop computers, laptops, servers, and mobile devices such as tablets and smartphones. Additionally, other “smart” devices can be vulnerable. The widespread nature of these vulnerabilities is part of what makes them so dangerous.

While the vulnerabilities were discovered six months ago and disclosed to Intel, AMD, Google, Microsoft and a few others at that time, some software communities were in the dark until the news broke last week. Everyone has been scrambling to respond as quickly as possible.

Most major operating systems, including Windows, Linux, Android, and macOS have already pushed out updates that mitigate some known exploits. Additional mitigations will continue to be released in the coming weeks, months, and even years. This will be a big area of security research for the foreseeable future.

What next? Update, update, update!

To protect yourself from this and other vulnerabilities, the old wisdom still applies... update ALL software on ALL devices as soon as updates are released and tested. This includes operating systems, web browsers, and antivirus software. Texas Creative strongly recommends all clients begin the process of updating computers and devices immediately. Contact your IT department or an IT vendor to help you with this process, if needed.

Texas Creative Status

As previously announced on our news page, our web servers have already received the first round of operating system updates. We are continuing to monitor this situation and respond responsibly. As always, we try to be transparent about our ongoing efforts towards maintaining a high level of security for our clients and ourselves.

Vigilent Security

Meltdown and Spectre are certainly urgent security matters, but they don’t change the fact that the best course is to be ever vigilant of emerging security issues. Keeping your software up-to-date and not downloading or running untrusted software will go a long way toward keeping your data secure.