Intel, ARM and AMD chip scare: What you need to know

Meltdown and Spectre. Not James Bond films, but real life cyber security threats.

Here’s the lowdown.

News broke earlier this week that the discovery of gaps in security that stem from central processing units (chips/microchips), allow privately stored data in computers and networks to be hacked. These security gaps affect nearly all computers worldwide (along with many other devices).

So far no data breaches have been reported, however now that this has been made public, there are concerns in the industry that the bugs are discoverable and could be taken advantage of.

So, what do you need to know, and what can you do? First things first, don’t panic!

What are the bugs?

There are two separate security flaws, known as Meltdown and Spectre.

  • Meltdown = affects laptops, desktop computers and internet servers with Intel chips.
  • Spectre = potentially has a wider reach. It affects some chips in smartphones, tablets and computers powered by Intel, ARM and AMD.

Devices that connect to the cloud are also at risk.

The bugs allow hackers to potentially read information stored on a computer memory and see information like passwords and/or credit card data.

How to protect your data – install updates as soon as they are available!

It’s been reported that this has been known about in the industry for 6 months, and that developers and security experts have been developing plans to deal with the flaws.

As a result, there are a number of security updates, or patches being released that will protect your computer, tablet or phone against a breach that uses the Meltdown vulnerability. You should install these updates as soon as they are made available.

On 4th January, Microsoft released an emergency Meltdown patch for Windows 10 via a Windows Update. This will shortly be applied to Windows 7 and 8 machines.

Microsoft, Apple and Linux are all issuing patches. Apple have said that all Macs, iPhones and iPads are affected by Meltdown, but Macs running the latest version of macOS, numbered 10.13.2, are safe, as are iOS version 11.2, which is used on iPhones and iPads. Apple will issue further updates over the next couple of days to mitigate the Spectre risks.

Android phones with the most recent security updates are protected, and users of web services like Gmail are also safe.

Chromebook users on older versions will need to install an update when it comes. Chrome web browser users are expected to receive a patch on 23 January.

Cloud services for businesses, including Amazon Web Services and Google Cloud Platform, say they have already patched most services, and will fix the rest soon.

Spectre is thought to be much harder to patch and no fix for it has yet been made widely available.

Will the fix slow down my computer?

There have been claims that fixes could slow down computer systems, potentially by up to 30% depending on the work that is being done. This however is yet to be proven. If you use your computer mainly for web browsing and email, the security fixes are unlikely to slow your computer down.

If in doubt, get in touch with us here at Smart and we will check that all your security updates are in place.

Get in touch