It's been just over one week since Microsoft, Apple, and numerous software vendors released updates to patch their operating systems and applications with the goal of mitigating the impacts of Meltdown and Spectre. As those efforts were getting underway, we reported on what these threats are, things you might need to know, and what Bennett/Porter was focusing on to keep our data center secure. So where are we now? Here's a rundown.
Bennett/Porter's Information Technology team updated all our servers and hardware in our Cloud infrastructure with the requisite patches. We also updated all in-house machines that had any chance of being vulnerable, and antivirus fixes were rolled out as a further measure to reduce risk of related attacks. Happily, we haven’t seen the mass hysteria that was predicted as a possible consequence of these new vulnerabilities. However, it's important to note that there is no known targeted attack for Meltdown or Spectre yet, so most of what we've done is take preventative measures, as we would do in advance of the presence of any suspected threat.
Although those patches and updates can cause a slight dip in performance, end users of our systems should not notice any appreciable difference from before. This report from Stack Overflow shows, in very technical detail, how slight the performance drop-offs are in a highly tuned, regulated network environment like ours. The differences in CPU utilization and web speed are measured in milliseconds, and they are nearly unnoticeable when comparing prior results to post-updated software. Furthermore, Bennett/Porters's I.T. and Cloud technicians have made more resources available to compensate for any additional CPU or memory usage.
As time goes on and more is uncovered regarding potential problems stemming from Meltdown and Spectre, vendors will continue to release updates and patches. These fixes will have various impacts on computer hardware where they are installed. We'll stay current on these developments, and, as we receive more information and make more critical decisions regarding our own infrastructure, we will share our approach and actions with our customers.
As always, let us know if you have any questions!