The technology world was shaken to its very core at the start of 2018, pun always intended, as two big new vulnerabilities named Meltdown and Spectre were made public.
The former is being called one of the worst CPU bugs ever found, while the latter is expected to be a bigger problem in the long term — not only is Spectre harder for hackers to take advantage of, it is also harder to fix.
Meltdown, however, is the short term that needs immediate attention.
Attention that Microsoft is providing.
Before we get down to the fixes and security patches that Redmond, and other technology companies, have made available, let’s take a very quick look at what Meltdown and Spectre are, and how they could steal your data.
First up, Meltdown is a security flaw that can allow hackers to bypass the hardware barrier between applications run by users, and the computer’s core memory, which is highly protected. This means anything that can run as an application can basically steal your data — including websites.
Spectre can potentially allow hackers to trick otherwise error-free applications, and have them disclose sensitive information.
Meltdown currently only affect Intel chips manufacturer since 1995, with the exception of Itanium and Atom chips made before 2013. Spectre affects all modern processors, including those designed by Intel, AMD and ARM.
Serious stuff, as you can see, and Microsoft has already scheduled patches for these vulnerabilities, with some of them having been issued. Meltdown ones are available, while Spectre is next on the list, and will be rolled out when ready.
Luckily, while there have been no reports of attacks in the wild, security researchers believe it is only a matter of time before cybercriminals start exploiting these flaws, now that the information is available.
Goes without saying that you should deploy the latest updates and patches that arrive for your PCs and other hardware as soon as possible.
Things may heat up.