The scale of Meltdown and Spectre runs all the way from end-user applications, down to the physical design of the processors. Until a new generation of chips is released – and you own one – you will need several layers of protection. It means a lot of security updates are on the horizon, to address the threat.
As a very high-level rundown of this, you should be considering the following areas:
You will need to patch your operating system. This means client machines (laptops and desktops), as well as servers. The most common OS types are Windows, Mac OS and Linux.
These run virtualised server infrastructure. Nearly all hypervisor software currently in use is either HyperV or VMWare.
If you use cloud services, you need to check your provider has an upgrade plan to address security at all levels. Riverbank Cloud is receiving the full works of updates, while Microsoft Azure has already rolled out hypervisor-level updates.
Tablets & Smartphones
You will need to manage security updates for your mobile phones and any tablet devices you use, such as iPads. Microsoft are publishing updates to Surface devices through their normal update channel.
You will need to patch your internet browser applications. We’ve a quick guide to this here.
3rd Party Software
Every software developer will need to patch their software to protect against this exploits. As the variety here is so vast, you will need to speak directly to the vendors you use and ask them what their plans are.
You should also extend your security updates to firmware. This is the low-level code built into your laptop or desktop. How to do this will depend on what hardware you use. All Riverbank clients are being issued with a report of what makes and models of hardware they currently have, so you can easily identify risks and where to start.
If you have questions about any of the above, please contact us on firstname.lastname@example.org or 01235 426 700. Or fill details below.