Need assistance? Call 603-862-4242
Meltdown and Spectre are two different, but related critical vulnerabilities found in most modern processors that make it possible to steal data being processed on a computer. Although programs are not usually permitted to access data from other programs, malicious software can use these two vulnerabilities to do just that, making it possible to steal sensitive, private information.
Meltdown, which impacts almost every Intel processor in use today, is easier to exploit but can be guarded against by removing the ability for the operating system to share memory between programs. Patches to remove this ability for some operating systems are already available and are expected for most others in the coming weeks.
Spectre, which impacts chips made by Intel, AMD, and ARM and most processors currently in use across all modern devices, is harder to exploit but has a larger attack surface and is more challenging to remediate.
Both vulnerabilities affect all types of devices using impacted processors including servers, desktops, laptops, smartphones, all other mobile devices, and the hardware behind the cloud.
Recommended Remediation Steps
UNH Devices - Windows
UNH IT will push security updates to all managed UNH devices running Windows as those patches become available. If you are using a managed device, it is important that you restart your machine on a daily basis to ensure these updates are applied to your device as soon as they are available.
UNH devices that are not being managed need to be updated with security patches from Microsoft as soon as they become available. The best way to ensure a device remains up to date is to take advantage of Microsoft’s automatic update feature. Learn how to turn on automatic updates here (https://support.microsoft.com/en-us/help/12373/windows-update-faq).
In addition to installing the January 2018 Windows security updates, all Windows devices may also to have firmware updates installed. These updates will come from the device manufacturer and additional information about these updates for UNH devices will be provided as it becomes available.
UNH Devices - MAC
Users of UNH MAC devices need to apply security updates for their devices as soon as they become available. As of 5 January, Apple has released patches for iOS 11.2, macOS 10.13.2, and tvOS 11.2 that protect against Meltdown.
All UNH Devices
All UNH devices need to have operating system, browser, and application updates applied as soon as they are available.
As both Meltdown and Spectre require the installation of malicious software to impact your device use only trusted sources to download software. For additional information about these vulnerabilities, visit the following: