Lessons Learned From Meltdown And Spectre
4 Best Practices to Protect Your Business
It’s been weeks since the Meltdown and Spectre vulnerabilities took the security world by storm, yet we’re still living in a state of chaos and confusion. The best “fix” for these bugs is still forthcoming, and patches should be implemented once they’re available. Michael Lines offers guidance to help you master the art of patching.
By now, you probably know that Meltdown and Spectre exploit critical vulnerabilities in modern processors, allowing malicious programs to steal data that is being processed on a computer. The unforeseen consequences of these hardware design flaws leave us facing a problem unlike anything we’ve ever seen, both in scope and scale (billions of desktops, laptops, smartphones and cloud computing platforms are affected). As a result, hardware and software vendors and researchers are still trying to determine the best “fix” for these bugs, and companies are still struggling to understand the scope of the issue, their vulnerability level and what they can do about it.
Early announcements to replace the impacted CPU chips have rightfully been supplemented with more practical advice to apply appropriate patches as they are released. This, in and of itself, is a complicated process, as patches will need to be applied across a vast array of operating systems, and many of these patches are still to be developed and released.
But there’s no need to panic. Here are several best practices to help you master the patching process.
Source: Disaster Recovery Journal