Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

ALERT: Meltdown/Spectre Hardware Vulnerability Requires Action

Just a few months after finding themselves in a firmware fiasco, Intel is making news for all the wrong reasons. This issue had the potential to affect the CPU of a device, causing a severe dip in the performance of the device.

In a blog post by a user going by the name Python Sweetness, an issue was reported, describing “an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve.” This means that, thanks to this bug, the interactions that different programs would have with the CPU would be affected.

Under normal circumstances, a CPU will have two modes that it operates under: kernel, which permits the user to make changes to the computer itself, and user, which is considered a ‘safe’ mode. Python Sweetness discovered a bug that blurred the distinction between the two modes. The bug allowed programs run in user mode to also access kernel mode, possibly allowing malware to access the computer’s hardware.

However, the circumstances have proven to be less dire than they originally appeared. The expectation was that this bug would cause entire processes to shift back and forth between user and kernel mode, hamstringing the speed at which the device would operate. There was also the expectation that this issue would not be able to be resolved without a hardware change.

For PCs with Windows 10 installed and an antivirus that supports the patch, the fix should already be in place. However, to confirm this, go to Settings > Update & Security to see if there are any updates waiting to be installed. If not, check your update history for Security Update for Windows (KB4056892) or check with your antivirus provider to find out when it will be supported, the patch will not install until it sees that the antivirus has been updated to a version that the vendor verifies supports this patch.

Android devices had an update pushed on January 5 to provide some mitigations, with more protections coming in later updates. These patches have already been pushed to Google-branded phones, like the Nexus and Pixel lines, and may have been on other Android devices. It doesn’t hurt to check, and if you haven’t been updated, go online and put pressure on your carrier on a public forum.

Google Chrome should be updated with similar mitigations on January 23, with other browsers updating soon after. To help protect yourself until then, have your IT team activate Site Isolation to minimize the chance of a malicious site accessing data from another browser tab.

Other devices (like NAS devices, smart appliances, networking equipment, media equipment, etc.) may also be at risk, as they are using similar hardware. It’s really important for business owners to have their entire infrastructure reviewed and audited.

These kinds of issues help to demonstrate the value of an MSP’s, or managed service provider’s, services. MSPs like Total Tech Care are sure to keep themselves informed on the latest developments in IT security and any resolutions they can pass on to businesses like yours, if they don’t implement them on your behalf.

As a result, you and the rest of your team can go about your business without having to concern yourself with solving issues like these, knowing that you can trust the team who is solving it for you. For more ways that an MSP can help keep your business security and operations optimized, reach out to Total Tech Care at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 02 May 2025
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Software Efficiency Network Security Google Business Microsoft Internet Email Malware Backup Workplace Tips Innovation User Tips Data Computer Mobile Devices Hardware IT Services Disaster Recovery Android VoIP communications Communication Business Continuity IT Support Smartphones Miscellaneous Smartphone Mobile Device Small Business Network Browser Collaboration Productivity Quick Tips Cybersecurity Users Business Management Phishing Windows Upgrade Managed IT Services Outsourced IT Ransomware Data Backup Windows 10 Office Cloud Computing Server Save Money Data Recovery Windows 10 Passwords Virtualization Tech Term Social Media Saving Money Holiday Gadgets Chrome Automation Managed IT Services Microsoft Office Managed Service Facebook Computers Cybercrime Operating System Artificial Intelligence BYOD Health Mobile Device Management Networking IT Support Internet of Things Hacking Wi-Fi Covid-19 Information Technology Managed Service Provider Spam Remote Alert Office 365 Information Telephone Systems Recovery Employer-Employee Relationship Router Bandwidth BDR Social Engineering Mobility App History Money Mobile Computing Encryption Applications Application Human Resources Law Enforcement Remote Monitoring Big Data Data Breach Password Apps Office Tips Training VPN How To Government Remote Computing Data Storage Patch Management Mobile Office Private Cloud Blockchain Paperless Office Managed IT Flexibility Wireless Infrastructure Marketing Voice over Internet Protocol Data Security WiFi IT solutions Gmail Entertainment Website Google Drive Budget Settings Two-factor Authentication Avoiding Downtime Mouse HaaS Vulnerability Windows 7 Word Bring Your Own Device Servers Data Management Work/Life Balance Managed Services Display The Internet of Things Lithium-ion battery End of Support Education Physical Security Employee/Employer Relationship Safety RMM Sports USB HIPAA Redundancy Firewall Data Protection Keyboard Virtual Reality Apple Conferencing Social User Error Scam Meetings Save Time Telephone System Staff Software as a Service Machine Learning Remote Work Connectivity Vendor Management Risk Management Vendor Cleaning Hacker Computer Accessories Identity Theft Charger Remote Workers DDoS Compliance Battery OneNote Processor Computer Care SharePoint Current Events Shadow IT Telephony Augmented Reality Legal Samsung Printer Fraud Hard Drive Bluetooth Internet Exlporer Remote Worker Customer Service Value Environment Cryptocurrency Computing PDF Spam Blocking Fax Server Electronic Medical Records Proactive IT IT Consultant SaaS Hiring/Firing Comparison Best Practice YouTube Humor CES Digital Signage Black Market Network Congestion Business Technology eWaste Content Management Access Control Procurement Document Management Business Intelligence Wireless Technology Workplace Strategy Virtual Assistant Net Neutrality Solid State Drive How to Downtime Audit Authentication Worker Help Desk IT Management Wearable Technology Printing Hard Drives Data storage Botnet Retail Instant Messaging Automobile IT Plan Robot Update Excel Virus Managed Services Provider Biometrics Computing Infrastructure Unsupported Software Going Green Virtual Desktop Database Unified Threat Management Google Docs Reputation Administrator Streaming Media Devices Windows Server 2008 R2 Managing Stress Enterprise Content Management Supercomputer Content Tech Support Customer relationships Software Tips Laptop Email Best Practices Sync MSP IT Assessment Emails Accountants Manufacturing Science Techology Cameras Credit Cards Customers Microchip Thought Leadership Password Management Managed IT Service Password Manager Security Cameras Audiobook Computer Tips Touchpad Virtual CIO Distributed Denial of Service OneDrive Netflix Customer Relationship Management Biometric Security Two Factor Authentication Multi-Factor Security Analyitcs Search Engine Peripheral Root Cause Analysis Twitter Digital Security Cameras HBO NIST Using Data Knowledge Business Mangement Programming Music Politics Advertising Skype Copiers Smart Tech 5G Trending Printer Server Amazon Notifications Quick Tip Data loss Addiction Ergonomics Outlook Antivirus Leadership Recycling Smartwatch Troubleshooting Start Menu Wiring Development Practices OLED Windows 8 Virtual Machine Loyalty Amazon Web Services Relocation PCI DSS Screen Mirroring Cache IT service 2FA Frequently Asked Questions Safe Mode Fiber Optics Criminal Employee Books Video Games Mobile GDPR Messaging Windows 10s Hosted Computing Cabling Tablet Hypervisor Online Shopping Worker Commute Policy Cast Wireless Internet Domains Dark mode Tip of the week File Sharing Trend Micro webinar Emergency Experience Scalability Professional Services Camera IaaS SMS Public Cloud Inventory Maintenance Default App Employer Employee Relationship Specifications Saving Time Assessment Evernote Bloatware Business Owner Procedure Wire NarrowBand dark theme Windows Server 2008 Shopping Google Search Travel Tablets Search Tools Printers AI Consultant IT Infrastructure Millennials Smart Office Television Analytics Wireless Charging Entrepreneur Bing iPhone FinTech Social Network Workforce Virtual Private Network Best Available Shortcut Investment Employee/Employer Relationships Public Computer Cables Cost Management Files Employees WIndows 7 Chromecast Windows 365 Regulations Social Networking ISP Transportation Telecommuting Project Management Video Conferencing Computer Fan Nanotechnology ROI Rootkit Bitcoin Cortana Shortcuts Colocation Uninterrupted Power Supply Sales Point of Sale Running Cable Personal Workers Digital Signature Cryptomining Benefits Memory Monitor Warranty Supply Chain Management FENG User HVAC Batteries IBM PowerPoint Google Apps Windows Media Player Monitoring Windows 8.1 Flash Digitize Analysis Smart Technology

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code