Panic! Everything’s broken…Hackers have your passwords,files and can do what they want with you.Act now!You may have seen a lot of click bate style headlines likethis recently following the news that exposed flaws in computer operatingsystems which have underlying reliance on CPU architecture from manufacturerslike Intel and AMD.
These systems areresponsible for helping to protect critical and sensitive information likepasswords and encryption keys from leaking out to other programs for nefariouspeople to help themselves to. While this has only hit the main stream media in the lastcouple of weeks, it has been on the radar of the security community for severalmonths, with serval software vendors working hard to determine mitigationstrategies. Okay, so now we have put the panic to one side for now,let’s look at the worst-case scenario and explain how this underlying hardwareflaw can affect you!**Please keep in mind the following is a non-technicalarticle that aims to give you a general overview of these current issues. If you have any more questions then pleasecontact us directly.
So what’s happening here?Vulnerability stretches across all platforms and people -whether you’re a business or the owner of personal electronical device like a PC,mac , phone , IOT device or even a car!Yes, a car will also require a form of a processor or “CPU” to run on thedevice and interact with the software in order to process jobs andcommands. So everything I hear you say…well yes, everything. Researchers have found and proved that a malicious threatactor, as they are known in the cyber game, can effectively run code on thedevice that will compromise the CPU and make it reveal and hand over all yoursystem critical sensitive data.
Now, it’s important to keep in mind that so far, no one haspublicly had these vulnerabilities used on them and disclosed. But that doesnot mean it hasn’t already happened…But typically speaking, when vulnerabilities are disclosed,vendors would just software patch the problem – I’m sure everyone has done anAdobe update or patch Windows. And undernormal circumstances, this would plug the hole. But in the case of this new threat, as the architectssupplying us software to our devices had previously assumed that this was asafe zone.However, the fix is at such a low level of the computerarchitecture that plugging the hole and patching means computers areessentially having to bridge the technical gap and do more work! This meansslower systems to end users – in some bench mark tests, these have been up to30% slower. Some home users and businesses have also found that a recentMicrosoft patch trying to mitigate this issue would crash and result in theirdevice blue screening as the antivirus program of choice was built in a waythat is not compatible.
The ramifications of applying these fixes could mean thatthe speed of setups is considerably degraded, and users must be made aware ofthis to make informed decisions. What’s possibly most worrying is despite the degrading ofperformance the long-term impact on devices will be vast as there will be manyhardware and software vendors that will never look to fix this issue. In short if your device is out of support andcontrols sensitive and critical information then migrating to something newshould be on the forefront of plans.The best and first thing you can do is seek the advice foryour IT support consultant or company around your particular devices and set tocheck what and when patches can be applied.