Meltdown / Spectre Vulnerabilities

January 3, 2018

New security vulnerabilities, Meltdown and Spectre, were announced on 1/3/2018 that affect computer processors on virtually all modern computers and mobile devices.  These are hardware bugs that allow programs to steal data that is currently being processed on a computer. This could include passwords, encryption keys, emails, or other sensitive information. These flaws affect nearly all computing devices made since 1997.  This includes PC computers, Macs, tablets, and both Apple and Android smartphones.  Patches for most common devices and software are already available.

What can I do?

CIS recommends that you keep all of your computing devices up-to-date with all patches and hotfixes provided by your hardware and software providers.  These patches typically include important security updates that help to defend against common exploits hackers can use to gain access to your data and personal information. The two most important things to remember:

  1. Don’t Panic!
    While these type of vulnerabilities are very bad, there is no need to panic.  You don’t need to go out and buy a new computer or smartphone to fix the issue. 
  2. Keep your software up-to-date!
    This includes operating system (Windows, MacOS, Linus, iOS and Android OS), your browser (Google Chrome, Firefox, Safari, Microsoft Edge or Internet Explorer), and any other software you might have installed (Microsoft Office, Adobe Creative Cloud, etc). Vendors work very hard to protect you by fixing exploits used by hackers to harm you. Make sure that you install any updates for your software and hardware as they are provided.