Spectre and Meltdown: How to Protect Your Devices

Posted January 30th, 2018 at 8:00 am.

1/30/18:  Spectre and Meltdown are serious vulnerabilities that require your immediate attention. There are many layers of work that LITS must do to mitigate their impact on College-owned computers and systems. The story is still developing; we will continue to make changes over the coming weeks. These could include:

  • Popups on your computer
  • Automatic actions pushed to College-owned computers
  • Actions we ask you to take

Please pay close attention to these requests and help us take these critical steps. For example:

Yesterday we pushed a notification to College-owned Macs. The message alerts you to available updates to install, which could take 30 minutes or more. You can click the button to begin the installation and restart your computer, or defer until February 15th. After February 15th, the updates will automatically install and reboot your computer. This is not an update your operating system. LITS will be reaching out to those community members running macOS 10.10 and 10.11 directly with additional steps to update to 10.13.

These actions are very important and have been designed to mitigate vulnerabilities on College-owned machines as efficiently as possible.

1/9/18:  you may have seen news articles this week about two significant new flaws found in computers, smartphones, tablets and other devices, called Spectre and Meltdown. These are serious vulnerabilities that require your immediate attention.

Security researchers discovered flaws that impact the computer processors (CPUs) that are the heart of all the computerized equipment you own and use every day. These bugs allow hackers to steal data from your devices through malicious software or a hacked web site. Updates to operating systems such as Windows, macOS, Linux, Android, and iOS as well as browsers, plugins, and other software are required to protect devices from these flaws.

You should:

  • Update your personal computers and mobile devices. Make sure you are running the most current operating system update and web browser update. Update any plugins, particularly for things like Adobe Flash, to the most recent version.
  • If you store passwords in your browser, remove them and do not use this feature in the future. Try a password manager instead.
  • Pay attention to browser error messages and security
  • On your College-owned computer:
    • Say “yes” to updates
    • If you’re on a Mac and you’re not using macOS 10.13.2 (High Sierra), update as soon as possible via the app store on your computer or call the Help Desk to make an appointment.

LITS will:

  • We already have a number of strategies in place to ensure updates to College-owned computers and servers happen automatically or on a regular schedule. Systems staff has already updated several critical services, and will update more throughout the week.
  • We may contact individual community members directly by email or via popups on your computer to ask you to update one or more pieces of software. We will only do this if we identify that the software you are using on your College computer is vulnerable.

We will update the community with further information as it becomes available.

For more information:

Some manufacturers will be releasing updates in the weeks to come, so we recommend you continue to check your device’s update features for new versions. If you are running an old, unsupported operating system, you may need to update to a newer operating system version.

Contact the Help Desk with questions: help@brynmawr.edu or 610-526-7440.

Filed under: Announcements by Melissa Cresswell

Comments are closed.