No device is safe from Meltdown and Spectre Vulnerabilities:eScan


Almost every processor designed since 1995 is affected by “Speculative Execution Side-Channel Attacks” as per the extensive research was done by the researchers of Google Project Zero. The vulnerabilities have been segregated into two categories viz. Meltdown and Spectre.

Computers, smartphones, tablets etc. with Windows, Linux, iOS, MacOS, tvOS, Android or any other operating systems are impacted by these vulnerabilities. Advisory issued by Microsoft can be accessed here (https://portal.msrc.microsoft.com/en-US/security-guidance), furthermore, users should enable Automatic updates. However, it yet unknown how smartphone device manufactures would be pushing the updates considering for a fact that every vulnerability addressed by Android takes a long time to be made available to the end-users by the device manufacturers. Apple/iOS traditionally have always been very quick in addressing the concerns and have been providing patches to its users at a much faster rate and this time around too, we expect Apple to provide a resolution for these issues.

Apple has issued a statement pertaining to Meltdown / Spectre and iOS / Mac users should expect updates to the Safari Browser in next few days.

 eScan Advisory:

  • Update security patches regularly: It is very critical to keep your mobile device fully updated. Now that the vulnerabilities have been discovered which can be exploited using Javascript, updating the browsers as and when the new versions are made available, would be the best defense for your mobile.
  • Desktop/Servers: Ensure that the installed Antivirus has enabled the registry key on Windows Machines, as mandated by Microsoft, as this would ensure that Antivirus has tested and is compatible with the patches provided by Microsoft.
  • Be cautious while downloading applications: Avoid installing applications from the internet. Use the Google Playstore or App store as provided in the mobile device.
  • Ensure Backup: Always keep a backup of the data on the mobile device before formatting the device.
  • Upgrade your device:  Many a times mobile devices do not get updates after the software and hardware have become the old. The companies keep upgrading the versions of the mobile device with the latest security patches applied.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: