left hexagon image right hexagon image

What are Meltdown/Spectre?

Whilst the media frenzy starts to settle, it hopefully puts some minds at ease knowing that at current the NCSC report that there is no evidence of any malicious exploitation of the reported flaws.

With that in mind, all organisations and home users however should continue to ensure their systems are protected by installing patches as soon as they become available.

What are Meltdown/Spectre?

‘Meltdown’ and ‘Spectre’ are two security flaws affecting microprocessors. Actions that would have normally been difficult for an attacker, such as recovering passwords, are theoretically easier.

However, an attacker would still need to run code on your device. Access would typically be gained via well-known means, such as phishing attacks or browsing malicious websites.

What are the vulnerabilities?

Processors in most devices employ a range of techniques to speed up their operation. The Meltdown and Spectre vulnerabilities allow some of these techniques to be abused, to obtain information about areas of memory not normally visible to an attacker.

What can I do to protect myself and my organisation?

Device and platform manufacturers are releasing updates to supported products which will mitigate this issue.  Ensure that the latest patches have been installed, and that you are not using unsupported devices as these will not be fixed.

Sedcom are currently monitoring vendor responses in order to best assess when and how to deploy relevant patches. Microsoft have released a patch for their Windows 10 operating system with Windows 7 and 8.1 to follow shortly. In order for this patch to install it requires any installed Antivirus solution to be compatible, we have been monitoring AV responses to this incident where most are now listing themselves as supported (e.g. Trend, ESET, Bitdefender, Symantec, Sophos etc). Vendors such as Apple and Google are also issuing relevant patches. Sedcom will be liaising with all of our clients over the coming days to begin ensuring all systems where appropriate are protected.

For some further information and guidance please review the links below

NCSC ‘Meltdown and Spectre’ guidance one

NCSC Home user guidance to manage processor vulnerabilities ‘Meltdown’ and ‘Spectre’

Related News & Blogs

December 2023 Newsletter

This month we’re wondering whether Google is setting a good example when it comes to keeping your business secure. The…
Read More

Further European success for Sedcom!

We are delighted to announce that further to our IT Europa success in 2022, Sedcom has again been crowned champions…
Read More

ITE Awards 2022

We are very excited to announce that Sedcom Networks has recently been named winners of the Managed Service Project of…
Read More