Security alerts from specialists often provide a warning of potential threats which may not affect every user of that hardware/firmware/software. How big a threat any vulnerability may create depends on many factors of which a key factor will be the potential value to a hacker of gaining access to particular users and systems. As professional hackers are patient and methodical, no piece of illegally acquired code/information should be lightly dismissed because one vulnerability provides knowledge of a system for further exploits – Ed
It was revealed that nearly all computers worldwide and many devices have been exposed to security flaws leaving them vulnerable to attacks by hackers.
Comments from cyber security expert Mike Simmonds explaining the what wider effects the security flaws could have and how to protect your own appliances.
Comments attributed to Mike Simmonds, CEO of Axial Systems.
“Effectively, if a third party gains access to an Intel, ARM or AMD processor with a suitable crafted code that is allowed to execute, the code can be instructed to copy some of the Kernel RAM (core but temporary memory ) of the appliance and potentially export the same data.
“If the software knows exactly where and what to look for, the data exported will remain unstructured and without context so a large amount of post-exfiltration processing will be undertaken to successfully exploit what has been extracted. The overall effect in the consumer world is likely to be small and there is no need to change appropriate security behaviour, protect your systems, don’t click on unsolicited email attachments and protect your systems with the relevant hardware, software and procedures.
“The overall effect of the solution that is being used in the repair patches and applied, will undoubtedly lead to an impact on performance but only on really process-intensive applications such as software compilation.”
Mike Simmonds Bio: Mike has dedicated his career to the communication and networking industry. Mike’s outstanding technical knowledge, combined with a detailed understanding of the challenges and needs of global customers, has given him a wealth of experience helping him to establish his position as an industry thought-leader on Cyber security and topics such as GDPR.