Information Security Alert: What You Should Know About Two Major Security Flaws, Meltdown and Spectre

Recently, we were made aware of two major security flaws—Meltdown and Spectre—that affect most modern computing devices. Although the story is still developing, we’d like to share what we know so far about these vulnerabilities.

What are Meltdown and Spectre?

Meltdown and Spectre are recently disclosed flaws found in processing chips that exist in the majority of modern computing devices. (Learn more.) Affected devices include:

  • Desktops
  • Laptops
  • Servers
  • Tablets
  • Smartphones
  • “Internet of Things” devices (e.g., Internet-connected lights, thermostats, refrigerators)

Systems and certain applications (e.g., web browsers) that are not patched against these threats run the risk of leaking sensitive information to attackers.

Fortunately, as of this announcement, there have been no reports of these attacks being successfully executed. 

How can I defend against these threats?

Companies that use the affected chips in their products—including Microsoft, Apple, and Google—are actively working to release patches, which should come as part of future updates. For all of your devices, we recommend updating as soon as you’re prompted. This includes:

  • Operating systems (e.g., Windows, macOS)
  • Desktop and laptop firmware (e.g., Lenovo, Dell)
  • Mobile device firmware (e.g., Android, iOS)
  • Applications (e.g., web browsers)

Please note: Reports claim that some patches could potentially degrade performance by as much as 30 percent.

Questions?

If you have any questions about the information shared here, please feel free to call me at (972) 931-3818.

Sincerely,

Kris Maksimovich Email Signature

Reference herein to any specific commercial products, process, or service by trade name, trademark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by Commonwealth Financial Network®.

Back To Blog