Intercom

intercom home  |  advanced search  |  about intercom  |  alerts  |  faq  |  help     Search Intercom

sections

News and Notices
Lectures and Presentations
Arts and Performances
Learning Opportunities
Kudos
News for Faculty
News for Staff
News for Students
Student Organizations
HR News
Comings and Goings
Technology
Archive

IT Security Alert: "Meltdown" and "Spectre" Vulnerabilities

Contributed by Jason Youngers on 01/05/18 

Print

IT is working to deploy security updates to IT-managed systems. Restarts will be required. Please ensure that your personally owned computers, phones, and tablets are up-to-date.

Many of you may have heard the recent news about two new security vulnerabilities referred to as “Meltdown” and “Spectre.” These are unusually serious vulnerabilities that affect virtually all computer systems, including servers, workstations, laptops, phones, and tablets, regardless of operating system. Microsoft, Apple, RedHat, Dell, Google, and other software and hardware suppliers have begun to release security updates (patches) that mitigate portions of the risk associated with these vulnerabilities.

Meltdown and Spectre allow user software, such as web browsers and productivity tools access to memory assigned to other software including the system kernel, and could lead to the compromise of data, passwords, and encryption keys. Proof-of-concept exploits of these vulnerabilities have been reported, but we have not yet seen reports of them being used in actual attacks.

IT is working to ensure that we deploy available patches as soon as possible.  While we will work to minimize any associated disruption, some system restarts will be needed as patches are applied, and we will do our best to communicate with the campus community ahead of service outages, but significant advance notice may not always be possible.

  • Windows and Macintosh computers managed by IT are configured to promptly download and install security updates as they become available.  Please note that your computer may restart automatically after the security updates have completed.
  • For our servers, we are applying available patches to our development and test systems, and once we verify there are no major issues, we will continue with our production systems over the next few days.
  • Most mobile devices (phones and tablets) in use at IC are not owned or managed by the College, and we have limited ability to ensure that they are properly patched. Please check for updates on your phones and tablets and apply any that are waiting.
  • Other personal or non-IT managed devices – we strongly encourage you to promptly install any patches or updates that are made available by your computer vendor.

Topic: Archive
IT Security Alert: "Meltdown" and "Spectre" Vulnerabilities | 0 Comments |
The following comments are the opinions of the individuals who posted them. They do not necessarily represent the position of Intercom or Ithaca College, and the editors reserve the right to monitor and delete comments that violate College policies.