Microsoft Windows, Intel Processors, Browser Extensions, Coinbase Breach
Risk 1: Medium
Issue: Microsoft has released patches for both Windows 10 and 11. IN total, there are over 120 updates, at least 12 of which are labelled as critical and 3 are considered zero-day vulnerabilities.
Resolution: Users using either Windows 11 or Windows 10 should update their systems as soon as possible.
Risk 2: Medium
Issue:Intel recently announced a large concern for those using one of their processers. This concern is connected to all Intel-processors since Generation 9 (2018). This vulnerability allows for data to be extracted from system memory, bypassing encryption protocols, allowing for full access to all data residence in your computer memory including any PII you may have present.
If you recall, Apple faced a similar challenge last year with their newer Apple Silicon chips. Apple was unable to release a patch as the vulnerability was integrated into their hardware, but only patches were usable, but drastically impacted system performance.
This vulnerability is believed to only be a threat with physical access to the machine.
AMD processors were tested and deemed not vulnerable.
Resolution: Unlike the Apple vulnerability, Intel believes a series of small patches will resolve the issue. The patches are already starting to be released and will continue over the next several weeks.
Anybody with an Intel processor new form 2018 or newer should update their system software to apply the patch (you may need to schedule this if your specific patch is not available yet.
Risk 3: Low
Issue: Layer Security released a report revealing that 99% of browser extensions have elevated permissions not required for the actions them complete. While this may seem minimal, these elevated permissions become the knocking post for malicious code to enter your system or monitor your online activity, included access to any PII you manage through a browser-based app.
Resolution: Just an ongoing friendly reminder to minimize the browser extensions you are using and to only use extensions from known and reputable sources.
Financial Guardians is a proud member of InCite, the recently launched online community exclusively for tax professionals, bookkeepers, and accountants. InCite members receive a 30% discount.
Financial Guardians has partnered with the California Society of Tax Consultants to provide a 30% access discount as well as many other offers. More info can be found at www.cstcsociety.org
