powersolution.com has been testing the patches provided by Microsoft and computer vendors to patch the two vulnerabilities dubbed Meltdown and Spectre.
To recap, roughly every processor produced since 1995 is susceptible to a flaw that could allow an attacker to gain access to passwords and other sensitive data without leaving a trace. These two vulnerabilities affect both Intel and AMD based processors. In order to mitigate the vulnerabilities, two patches need to be applied to the computer system – one on the operating system level and one on the firmware level to patch the microcode of the processor.
The patches change how the operating system and processor handle data. This, in turn, impacts system stability. Appling either the Windows or microcode patch could cause the computer to become unstable or inoperable. In rare cases, there are reports that after the patch has been installed, the computer will not boot.
Another side effect of the Windows patch is system performance. Newer computers (2016 and newer) see a small performance impact, roughly 4% system degradation. Older computers (2015 and previous) can see significantly greater performance degradation, between 8% and 15%.
Due to the potential impact on our clients, powersolution.com is continuously performing further tests to gauge the impact of the necessary patches to resolve the Meltdown and Spectre vulnerabilities. Once the testing has completed, powersolution.com will post another update with our guidance on how to handle these two threats.
It is important to note that these two vulnerabilities have not been exploited. In fact, developing an exploit for Meltdown or Spectre is extremely difficult. Lastly, the exploits would have to be initiated internally on the system – which is prevented by the already-in-place security measures, such as the organizations’ corporate firewall and antivirus solution.
Do you have questions or concerns regarding the CPU Meltdown & Spectre vulnerabilities? Is your business in good hands when it comes to managed IT services, data and network security, and technology information?
Business Continuity Plan
Take care of it before cybercrime or a vulnerability hits your business.
You may be interested in Intelligent Business Continuity services from our NJ IT Security Consulting, IT Services, and Computer Network Support company for Small Business, that includes all assets of Managed Services.