Dear Campus Community,
Many of you have already seen the widespread media coverage of two new security vulnerabilities known as “Meltdown” and “Spectre.”
Meltdown is the name given to a design flaw that exists in all Intel computer processors since 1995. This includes computers by popular vendors such as Apple, Microsoft, Dell, HP, and Lenovo.
Spectre is similar but different in some important ways. Spectre is the name given to a design flaw that affects Intel, AMD, and ARM processors. This includes computers, tablets and smartphones made by popular vendors such as Apple, Microsoft, Dell, HP, Google, and Lenovo. The relatively good news is that it is much more difficult to successfully exploit Spectre and the attack surface is limited to user space processes, e.g. web browsers, desktop applications.
What is LIU IT doing?
Information Technology has already installed software to help mitigate these vulnerabilities on all LIU-owned computers and devices, as well as servers across the University.
What can you do (for your personal devices)?
There are two important things that we want you to know about these vulnerabilities:
1.) Don’t panic. While these vulnerabilities are widespread and definitely very bad, there is no need to panic. There’s no need to go buy a new computer or go back to using pen and paper. You may read some very scary media reports about the potential impacts of these vulnerabilities. This is common when widespread vulnerabilities are announced.
2.) Keep your software up-to-date. This includes your operating system (Windows, MacOS, Linux, iOS, and Android), your browser (Microsoft Edge, Google Chrome, Firefox, Safari), and your browser plug-ins. Vendors are working very hard to produce software to mitigate the risks of these vulnerabilities. Make sure you install these updates when they are available. Please ensure that you install the latest updates on all of your personal computers and devices at home to keep them protected from these vulnerabilities.
If you have any questions, please call IT LIU Helpdesk at X3300 or e-mail firstname.lastname@example.org.