News this week: You may be seeing headlines and emails regarding CPU flaws and vulnerabilities named Meltdown and Spectre. As always, we are aware and working on it.
Meltdown and Spectre are CPU hardware design flaws that we techies understand. In a nutshell, Meltdown breaks the isolation between the user app and the operating system, so the app can do a memory dump and steal any data in it. Spectre goes further. It breaks the isolation between apps. It's harder to exploit but harder to mitigate.
First thing to understand is that the vulnerable machine HAS to have malware running to exploit this vulnerability.
So, IF the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.
What are WE doing?
Analysis from industry leaders such as Microsoft and Intel show that while this threat is serious, it has a very small attack vector. Many of these vulnerabilities can be fixed with software patches, which LeadingIT will implement as they become available. This is going to take some time, some of the patches are not even available yet. We also may have to replace some mission-critical computers to fix this.
What can YOU do?
In the meantime, we need you to be extra vigilant, with security top of mind and THINK before you click. Prevention is the best medicine.
Thanks for trusting us!