It was recently revealed that nearly all computers, mobile phones, tablets etc. worldwide have been left vulnerable to hackers through security flaws stemming from central processing units, leaving billions of the world’s devices at risk.
Central processing units are the chip or microchip contained within devices. The breach could allow privately stored data contained within devices to be hacked.
What are the flaws?:
There are two different security flaws, which are known as Spectre and Meltdown
- Spectre has the potential for a wider reach. It affects some chips in smartphones, tablets and computers powered by Intel, ARM and AMD.
- Meltdown affects devices with Intel chips such as laptops, desktop computers and internet servers.
Devices that connect to the cloud are also at risk of being affected.
How big is the problem?:
The UK’s National Cyber Security Centre has stated that there is no evidence that the vulnerability has been exploited.
But now that the issue has been made public, it has raised concerns over the discover ability of the flaws and whether they will be taken advantage of.
What information is vulnerable?:
The flaws allow hackers to potentially be able to access and read information stored within computer memory and steal information like passwords and card details.
How do I protect my devices?:
Meltdown:
- Device makers and operating system providers are currently pushing security updates or patches. These will help protect your devices against any breach that would use the Meltdown vulnerability. Users are advised to run these updates as soon as they are made available.
- Apple, Microsoft and Linux are all currently working on issuing patches and updates across their devices.
- Microsoft have released an emergency Meltdown patch for Windows 10 today via Windows Update. This will subsequently also be applied to Windows 7 and 8 machines.
- Google said Android phones with the most recent security updates are protected, and users of web services like Gmail are also safe. Chromebook users on older versions will need to install an update when it is released. A patch for Chrome web browser users is set to be released on the 23rd Jan.
- Cloud services for businesses, including Amazon Web Services and Google Cloud Platform, say they have already patched most services, and will work to fix the rest as soon as possible.
Spectre:
- Apple has released a statement saying that they will be releasing updates to mitigate against the Spectre flaw “in the coming days”.
- Spectre has been revealed to be much harder to patch and no fix for it has of yet been made widely available. However, companies are rushing to find a solution.
Our advice is to ensure that you are regularly checking your devices updates, so that as soon as a patch is made available you can download it. This will ensure your device is as protected as it can be, whilst companies find a more long-term solution.
Also avoid downloading any information or applications from unknown sources and make sure you are practicing good cyber security methods. For a list of these you can see our recent post here- .https://intalect.co.uk/unsure-make-sure-devices-fully-secure-heres-advice
For more details visit the BBC for the full story- http://www.bbc.co.uk/news/technology-42575033
