Meltdown & Spectre

Date Created: 1/8/2018 1:30:48 PM

In early 2018, two major computer vulnerabilities, known as  Meltdown and Spectre, began making headlines about major flaws in processors that affect nearly every computer. Exploitation of these vulnerabilities could allow an attacker to gain access to sensitive information. There have been no reports of attackers exploiting the vulnerabilities, but they still require immediate, ongoing attention and efforts to secure. 

 NAU ITS is working to address threats to university servers, Windows and Macintosh computers, software, and vendor-supplied applications. In some cases, patches or updates are already available and NAU ITS has been applying them as they are released. Some instances will require patches over the next few weeks as vendors release more updates. 

Everyone is urged to apply updates and restart their devices as soon as the updates are available.

NAU-Owned Computers 

 

  •  Windows Devices: ITS is working to establish a process for pushing updates as they become available. Because of the variety of devices running Windows, several updates and patches may need to be installed over the coming weeks and months. SCCM will help with these updates, but there may be some areas where in-person updates may be necessary.
  •  Apple Devices: If you have JAMF installed on your machine, all updates will be pushed out as they become available. If you do not have JAMF installed, please visit the  JAMF and SCCM page to start the process. When an OS update becomes available, update as soon as possible to ensure your machine is protected. 

Personally-Owned Computers  

Please note that simply updating your operating system and browser settings is not enough to truly protect your devices. Additional firmware updates, which require installing the update and a hard reboot, will be required. Continue to check for updates that may apply to you.

  •  Windows or Macintosh:  Follow best practices by keeping your anti-virus software up to date and installing operating system patches through Windows Update and the Mac App Store. Pop-up windows may indicate that updates are available for download, or possibly already installed. Agree to install them and restart, if prompted.
  •  IOS devices (iPad, iPod Touch, iPhone):  Go to Settings > General > Software Update and make sure the latest version of iOS is installed. If not, install. The Settings App may also display alerts.
  •  Android devices: Specific paths can vary, but typically, go to Settings > System Updates and make sure the latest system is installed. If not, install. 
  •  Web Browsers: All major browsers (Chrome, Firefox, IE, Safari, and others) are being updated. The quickest way to update is usually through the Help > About section of your browser, from the control icon in the upper-right corner. Check to see if your browser is up to date by visiting whatbrowser.org.

 Be aware that scams and unsolicited offers of help related to this issue will circulate.

Faculty/Staff: If you have any questions, please contact the Solution Center at (928) 523-1511 or (888) 520-7215.

Students: If you have any questions or need help updating your device, please contact the Student Technology Center at (928) 523-9294 or (888) 520-7215. You can also visit our office in the Cline Library. Our hours of operation can be found at nau.edu/stc/hours.

 More information: 

Technical Details and Updates 

  • Servers, labs, and classrooms are being prioritized
  • Cloud services have either already been patched or are being contacted for their plans (Google, Blackboard, Azure, Armor)
  •  BIOS firmware updates are being made available - Dell advises applying Microsoft updates before installing the BIOS update.
  • SCCM and JAMF deployment of patches will be tested and implemented