Menu

  • Home
  • About Us
    • Team
  • Services
    • Business IT Solutions
    • Cloud Hosted Solutions
    • Computer Systems
    • Consultancy
    • Cyber Security
    • Data Handling & Recovery
    • IT Help & Support
    • Network Infrastructure
    • Office 365
    • Remote IT Management
    • Virtualisation
  • GloRemote
    • GloRemote
    • Helpdesk
  • Blog
  • Contact
  • Price Packages

The Processor Bugs of 2018 (aka Meltdown and Spectre) – What you need to know

  • Home
  • The Processor Bugs...

The Processor Bugs of 2018 (aka Meltdown and Spectre) – What you need to know

CategoriesGeneral

Chris

5th January 2018

00

You may have heard about a pair of security flaws (aka Meltdown and Spectre) that have been found in almost all recent processors that will require updates to Windows, Mac, Linux, iOS (iPhones, iPads, etc.), Android, FreeBSD …. Basically everything.

We’ve compiled a short list of questions that will hopefully help our customers understand what’s going on and how we’re approaching things. If you have more questions, or just want to talk please either raise a support ticket or give us a ring.

So what does this all mean, exactly?

You can get full information from meltdownattack.com (it’s really well designed and well written, we encourage you to take a look), however the simple version is that both flaws allows programs and virtual machines to access areas of memory that they shouldn’t. This allows data to potentially get stolen. One attack (Meltdown) affects just Intel processors. The second attack (Spectre) affects at least Intel, AMD, and ARM processors.

Is this just theoretically possible? How likely is it really?

People have demonstrated stealing things like passwords and reading memory from virtual server hosts using specifically designed exploits already, so it is serious and not just theoretical. Companies like Microsoft and Amazon who run hosting services have already scheduled and performing rolling updates of their server fleets.

Using #Meltdown to steal passwords in real time #intelbug #kaiser #kpti /cc @mlqxyz @lavados @StefanMangard @yuvalyarom https://t.co/gX4CxfL1Ax pic.twitter.com/JbEvQSQraP

— Michael Schwarz (@misc0110) January 4, 2018

I’ve heard there are performance issues after applying the patches. Is this true?

Intel are currently saying there is no significant impact, and are quoting Apple, Microsoft, Amazon and Google.

However some earlier tests by some other outlets have found between 5-30% performance loss.

Currently our stance is that it really depends on workload (the kind of work you perform), but we expect it to be minimal for most of our customers.

Should we hold back on the patches if it’s going to slow down systems? Can I not just rely on my Anti-Virus software?

Unless you have a completely isolated system (no connection to the outside world at all) that only runs 100% trusted code (and almost no one does), then you should patch.

It’s tempting if you’re worried about performance, but whilst it’s possible that Anti-Virus can detect programs using these flaws, it is unlikely in practice. Unlike usual malware Meltdown and Spectre are hard to distinguish from regular programs. However, your anti-virus may detect malware which uses the attacks by comparing programs after they become known.

TL;DR – You should be patching this.

How are Glo dealing with this?

We’re in the process of rolling out the relevant patches (from Microsoft, Intel, etc.) to our customers. We are working with our Anti-Virus partners to ensure that the appropriate fixes are rolling out. We are evaluating each platform and system independently. If you have not already had a support ticket logged you will get one shortly.

If you have more questions, or just want to talk please either raise a support ticket or give us a ring.

Related Post

1ST MAY 2018

Glo’s Recent NPS Survey

Recently we carried out an NPS (Net Promoter Score) survey to ensure that we are...

10

Leave a Comments Cancel Reply

Recent Posts

  • Glo’s Recent NPS Survey
  • Phone System Changes
  • How to protect your business against email phishing scams

Categories

  • Applications
  • Cloud
  • Cool Stuff
  • Desktop Hardware
  • Desktops and Laptops
  • Disaster recovery
  • FAQ
  • General
  • Glo News
  • Hardware
  • Inspiration
  • Laptop Hardware
  • Mobile
  • Operating Systems
  • Operating Systems
  • Privacy
  • Replication / Data Shipping
  • Scripting
  • Security
  • Servers
  • Small Business Software
  • Software
  • Tips

Links

  • Glo Help
  • Glo Website
  • Glo Remote

About Us

We offer professional IT services at speeds that we feel all businesses should always demand. We have honed our processes and procedures over the past 12 years to offer industry leading, efficient and effective support and assistance to businesses.

We supply robust & reliable IT solutions to businesses in Bridgend, Wales and the UK.

Recent News

  • Glo’s Recent NPS Survey

    1st May 2018
  • Phone System Changes

    16th April 2018
  • How to protect your business against email phishing scams

    22nd January 2018

Contact Us

  • Glo Networks Limited, Regus House, Malthouse Ave, Cardiff Gate Business Park, CARDIFF, CF23 8RU
  • 0330 2230 033
  • info@glo.systems
  • Open: Mon - Fri 08:30am to 5:30pm
  • Need Help? Visit Helpdesk
  • Access GloRemote
  • Our Privacy Policy

© 2017 Glo Networks Ltd. is registered in England, Company No. 06344510
Built by Thule Media