What is the Meltdown Bug?
Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It’s really a design flaw in the hardware that has been there for years. This is a big deal because it affects millions of computers including workstations and servers.
Does the Meltdown bug effect me and my business?
Meltdown, and another related bug known as Spectre, exist in every Intel CPU manufactured between 1995 and late 2017. It also affects a limited number of ARM processors. The bug could be present in over 75% of CPUs in operation.
How does it work?
Bill Geise, Pres. of AsuroIT, explains it this way. “This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system. This hardware bug breaks that isolation. By its nature, this bug is difficult to exploit but if exploited it is very difficult to undo its damage.”
“So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.” Geise tells us.
How do we mitigate the risk?
Currently, the risks are relatively low. To date there are no known viruses or Trojans designed to take advantage of the flaw other than software running in security research facilities.
Additionally, as always, your risk is proportional to the information you desire to protect. Make sure to keep your antivirus software up to date and run regular scans. Currently, we are recommending ESET, AVG, Trend Micro, Malwarebytes or Webroot.
Geise reminds us, “Be vigilant and ‘Think Before You Click’ with a good router/firewall and good antivirus in place on the network and PCs is the best deterrent we have. Moving forward you will need to update and patch all machines on the network. This is going to take some time, some of the patches are not even available yet.”
Think Before You Click – Most malicious software works by installing code on your PC. Don’t download or run any files delivered by email (especially those ending in .exe) unless you know the source and are expecting the file. Additionally, use extreme caution when installing anything from websites you don’t know and trust.
Microsoft and Red Hat have both issued software patches for Windows and Linux. The Windows software patch was issued January 9, but it will take some time for all computers to be updated. Geise recommends making sure your Windows PCs are set to automatically install updates and leave them running during the night with all applications closed.
Google Chrome expects a patch to be available around January 23. Make sure to update to the latest edition of Chrome or Firefox, and keep these browsers up to date.
Antivirus, browser publishers, and operating systems will be addressing problems as they are identified, so make updates a regular part of your routine.
Will this fix the problem?
Unfortunately, no. Software patches are workarounds. The problem is a design flaw in the hardware inside your PC or network server. The only sure fix is replacing your hardware, but at this point, that’s not even possible. Now that the problem has been identified chipmakers will be working overtime developing processors for the next generation of PCs, eliminating this flaw.
The software patches will inhibit attacks on your PCs in the meantime, but realized they also may impact your overall performance. Running high-end applications such as photo/video editing, CAD systems, and high-performance Web servers could be impacted by 5-30%.
We would like to thank Bill Geise, President of AsuroIT Services in Sunbury Pennsylvania, for his contributions to this article. His team of technicians has been a trusted advisor to Mediastead for several years. If your business is in the Susquehanna Valley, we strongly recommend AsuroIT for your hardware, software, and networking needs. Find them on the web or call 570.286.8680.