Earlier this year the computer industry was greeted by the news of two new computer vulnerabilities affecting desktops, laptops, mobile devices, and cloud platforms. The flaw, dubbed as Meltdown and Spectre, makes it possible for hackers to access your secured apps and information as well as your computer’s kernel memory.
These flaws are especially problematic since it affects almost every system available. Scarily enough, hacks performed by exploiting Meltdown and Spectre are considered virtually untraceable. If you own a PC, smartphone, or a cloud server then chances you are vulnerable to an attack and a hacker could easily access your secured information without you even knowing.
Fortunately tech companies have already started addressing the issue by formulating system updates and releasing patches for the vulnerabilities. Google has already updated its system against possible attacks that may be executed through Meltdown and Spectre. Android devices, G suite, and Gmail platforms were quickly protected while users of google cloud platform should patch and update their accounts to secure their data.
Meanwhile Microsoft also released a patch that can fix the vulnerabilities. The update which was released last Wednesday, January 3, 2018 will be downloaded and installed automatically from Windows update. This applies to all devices running on Windows 10.
You might not receive a patch
If you did not receive a security patch from Microsoft: don’t panic. This is because the company is not delivering its Windows security update to customers unless their anti-virus is confirmed to be compatible with the update. If you are using a third party anti-virus which hasn’t been updated to support the Windows security patch, then you might not receive an update.
This is because Microsoft’s patch testing has revealed that a small number of anti-virus programs are producing errors by making unsupported calls to the windows kernel memory, resulting to blue screen of death (BSOD) errors. In order to avoid further problems that might be caused by BSOD, Microsoft chose to only send its security update to partners who have confirmed that their software is compatible with the operating system’s security updates.
What You Can Do
Check with your vendor. If you are using an antivirus system that is supposed to be compatible with the windows update but hasn’t received a system patch yet, then you must check with your anti-virus vendor. Your vendor may have to manually register the provided registry key in order for you to receive the security updates.
If you are unsure if your antivirus is compatible with the new windows update you may check this table made by security researcher Kevin Beaumont.
Switch to a more secure antivirus program. If you are using an unsupported antivirus program (or an illegal one for that matter it), it would be best to switch to a more secure antivirus program such as Avast, Avira, EMSI, ESET, F-Secure, Kaspersky, and Malwarebytes. These companies are compatible with Microsoft’s update and have set the registry keys in their antivirus products.
Seek professional help. If you have experience the blue screen of death, think that someone may have already hacked your device, or simply don’t know what to do with your current security system, then it might be best to contact a team of professionals who can help you with the issue.
The Meltdown and Spectre security patches are massive security issues, to say the least. Its implications are grave especially for businesses or organizations handling sensitive information about their customer base. If you need any help or assistance regarding the Meltdown and Spectre vulnerabilities and how you can protect your system, feel free to contact us at [email protected].