Meltdown and Spectre Attacks
Thursday, Jan 11, 2018 | Andrew Hamrin
On Thursday January 4th, Google’s Project Zero released details about two different exploits now known as Meltdown and Spectre.
These exploits would allow an attacker to steal private information and passwords remotely without knowledge from the user.
Due to how this exploit works, it is necessary for machines running Intel processors to have the BIOS updated to be fully protected.
To protect against these exploits, Microsoft has released a patch for Windows, but are waiting for Anti-virus companies to become compliant with the new patch before it will install. Microsoft stresses that unless you have compliant AV software, you will not receive security updates.
To reiterate the fixes for this exploit:
Phase 1: Update the BIOS with the new version.
Phase 2: Confirm the Anti-virus you are using is compliant.
Phase 3: Apply Windows patch.
If you have any questions please feel free to reach out to your technician or myself, our information can be found here!
More information about this can be found at http://www.meltdownattack.com