Meltdown / Spectre

Computer researchers have recently found out that the main chip in most modern computers—the CPU—has a hardware bug. It’s really a design flaw in the hardware that has been there for years. This is a big deal because it affects almost every computer on our network, including your workstation and all our servers.

This hardware bug allows malicious programs to steal data that is being processed in your computer memory. Normally, applications are not able to do that because they are isolated from each other and the operating system. This hardware bug breaks that isolation.

So, if the bad guys are able to get malicious software running on your computer, they can get access to your passwords stored in a password manager or browser, your emails, instant messages and even business-critical documents. Not good.

So, What Are We Doing About This?

We need to update and patch all machines on the network. This is going to take some time, some of the patches are not even available yet. We also may have to replace some mission-critical computers to fix this.

In the meantime, we need you to be extra vigilant, with security top of mind and Think Before You Click.

If you haven’t already heard of the hardware vulnerability recently discovered, here are a couple of articles: http://mashable.com/2018/01/04/spectre-meltdown-explained and https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html .

We are currently waiting on our antivirus applications to have their compatibility confirmed (actually most clients are on a compatible version of Vipre) before Microsoft’s patch can be installed. On January 9th Vipre (and hopefully Bitdefender) will set a flag that will allow Microsoft’s patch to install.

The good news is there are currently no known exploits and a user must still run code (like though a rouge website). The bad news is that the patch may hurt computer performance by up to 20 percent (testing has been mixed from no impact to 40 percent). We fully understand the frustration this may cause but there’s nothing that can be done at this time and it may mean some computers must be replaced.

Also, we have seen a handful of computers have all their files completely erased due to what we think are compromised websites.  This has required a full reload of the computer. Unless we specifically have a backup in place for your computer, as always, please do not store data on the the local hard drive. If you have questions about your computer please send a help request or call. We absolutely can setup a backup for local data.