So the latest with the Spectre/Meltdown disaster is that Microsoft have now released a patch to stop the patch that Intel released to mitigate the Spectre/Meltdown shenanigans
Intel released a fix first which some deployed and some didn’t. It wasn’t straight forward as it relied on the AV providers approving it which was met with a universal ‘meh’. Then before anyone could catch their breath we found out that in many cases it caused horrible slow downs, reboots and random crashes.
Now Microsoft are fixing the fix; never mind the ongoing situation with the exploit. What a sorry state.
Meanwhile Intel are apparently working on a fix that doesn’t break everything. Wow.
In the meantime the constant conversation in the office is around the fact it’s yet another security issue. At Consilium we are doubling down on Cyber Security. We figure the best we can do for our clients is to patch where we can and to protect endpoints and network perimeters in the best way possible.
We have been running a number of security lifecycle reviews at customer sites in London, Edinburgh and Glasgow IT support locations and in each instance it’s clear that there are always security improvements that can provide additional protection.
Aside from patching the two areas where we think organisations need to improve is their firewall and endpoint protection.
Closing ports and having an AV doesn’t cut it. It’s protection in name only. Whilst everyone worries about Spectre it’s more likely that a zero day attack or a bit of malware will slip through a browser session. I’d encourage you to take a Security Life Cycle Review (SLR) with us today and have your eyes opened to the threats that cyber threats that put your infrastructure at risk every day.
On one recent SLR we found a client being consistently brute force attacked by Russian IP’s. We have found more unsavoury issues elsewhere. Now is the time to act.