Navigating the Meltdown and Spectre Attacks

Navigating the Meltdown and Spectre Attacks

2018 is off to a vulnerable start in the technology world. Earlier this week, news circulated that two major security vulnerabilities, named Meltdown and Spectre, were uncovered by security researchers in systems that use processing chips from major vendors. The overarching problem is that the vulnerabilities extend beyond just the chip; operating systems, web browsers and cloud services are all affected by these two vulnerabilities. These security vulnerabilities have been reported to affect nearly all devices made within the last 10+ years; so unfortunately, it seems as though all the systems we use are vulnerable to attack.

The vulnerabilities make it easier for hackers to break into the memory and steal sensitive information; so think of things like passwords, credit card info, etc. This is a big concern. To address these new security vulnerabilities, many companies and vendors are scrambling to put out software updates so users can update their systems accordingly and mitigate the risks of attacks. Security experts are currently conducting an investigation about the two security vulnerabilities and putting together the best plan of action moving forward.

So while the companies are putting together solutions to the security vulnerabilities, here are some tips for navigating the current situation:

Update your system as soon as patches are released

Be on active lookout for the latest patches that are released by the different companies. It's very important to update your system as quickly as possible in order to put up a shield and protect yourself until the companies can find a permanent fix. Companies such as Mozilla Firefox and Microsoft® have already released updates to address some of the ongoing issues. Heads up, these updates may slow down your computer, especially with older systems.

Check to see if your BIOS is up-to-date

On the topic of updates, be sure to also check and see if your BIOS is up-to-date.

Read up on the latest news and updates from the different companies

As companies and vendors are working to fix the two vulnerabilities, they are periodically updating users and releasing documents concerning the security vulnerabilities. Be sure to read up on what's going on and make sure you're on top of the latest news the companies are putting out.

To look on the bright side, researchers are closing in on fixes for the Meltdown vulnerability. However, the Spectre vulnerability is proving to be a more complicated issue and will require more time and effort to address properly. According to current reports, it looks like a potential processor or operating system redesign is required to fix the issue. Until it is known for sure if the CPUs need to be replaced or until a permanent solution is found, let's hope that a simple solution will provide the fix that is needed and the fear of security attacks is mitigated!

Some internet Rando 01/06/2018

Uh, Priscilla, you may wish to include a link to the BIOS update. Or state that the company does not yet have one available. -Signed, concerned customer

Terry 01/09/2018

Thank you for your comment. American Megatrends (AMI) is on top of the security vulnerability known as Meltdown and Spectre. AMI has reviewed the security issue and is happy to say that Aptio, AMI's UEFI BIOS Firmware, is not affected. However, mitigation of Meltdown and Spectre CPU security issues does involve an Intel microcode patch. AMI is working closely with Intel to get these patch updates to their microcode. AMI will make these Intel microcode patch updates to AMI customers. If you have a computer system that is affected by Meltdown and Spectre, it is recommended that you contact your computer system manufacturer for a BIOS firmware update. AMI is very vigilant about security vulnerabilities and stays on top of all security advisories.

Pati 01/12/2018

Hi I have private old computer with your BIOS version 0602 04/08/2009 and SBIOS 2.5. How can I update it? I don't have system manufacturer besause this computer was composed by my colleague of different components. Regards, Pati

Terry 01/12/2018

Pati, Thank you for your comment. In your case, you would get the update from your motherboard manufacturer. Run this tool to discover, which motherboard manufacturer made your board. Visit their website and see what updates they have for it.