Yesterday, January 3, two massive security flaws were uncovered and reported, and they go by the fun names of “Meltdown” and “Spectre”. Here is what you need to know:
- Both of these flaws allow hackers to view information stored in your computer’s running memory–not your hard drive. This is a very good reason not to allow your browser to store your website usernames and passwords, because that information is now highly vulnerable to this attack.
- Windows 10 computers should already be patched against Meltdown. Windows 7 computers should receive their patch next Tuesday (Jan 9th). Until Tuesday, please exercise more caution in terms of which WiFi networks you use and which websites you visit.
- The Spectre flaw is a more complex exploit that will take weeks or months to mitigate with software patches, and ultimately will require a redesign of CPU hardware by manufacturers. There is nothing we can do about it now.
For more information, visit https://meltdownattack.com/