By now you should have heard about one of the most widespread and potentially troublesome security flaws we have seen in recent history.
As originally reported at the beginning of this month it was revealed that a design level flaw in Intel, AMD and ARM chips could allow access to read potentially sensitive information including passwords, credit card details, security certificates etc.
Patches have been issued but there is still confusion over whether a system is safe or not and if you are patched, what kind of performance hit did you take in implementing the patch? At the moment for Windows users there is an answer (Mac and Linux, you might have something coming soon).
A security expert I follow by the name of Steve Gibson runs a little corner of the internet at GRC.com. Steve has serious programming skills and his software is lightweight, tight and does the job intended. InSpectre is no different.
If you want to check to see if your Windows system is at risk, simply go to this page to download the file. If you would rather just get the file the direct download link is right here (this will download an executable file).
*NOTE this file is served direct from GRC.com. It is not my work and I cannot give an unconditional guarantee that it will work as required as the original file is out of my control.
Once downloaded (it takes seconds) simply run the file to find out if you are exposed.
Understand that being vulnerable does not reflect poorly on you. The fact that you are checking says that you are good at cyber security. Knowing is half the battle.
If you are vulnerable you will need to get to your system software and firmware updated.
Meltdown is typically fixed with a security update from Microsoft or your Operating System manufacturer (Apple, Linux etc.). However at this point in time, Spectre is addressed with a firmware update or replacing your system with hardware that can fix this issue.
In this case, it turns out this system will be waiting for a firmware update or an all out replacement. I have a feeling it will be the latter.
While this system waits for a fix the good old safe computing practices apply.
- Keep all your software up to date.
- Think before you click.
- Keep checking your system with InSpectre to see if recent updates have fixed the problems.
- Start planning for your next system if you are not fully protected.