Meltdown and Spectre

There has been a significant amount of media attention around Meltdown and Spectre and we would like to reassure the University that the Office of Information Technology is taking every step necessary to maintain the security of the University's information.

What is Meltdown and Spectre?

Meltdown and Spectre are vulnerabilities in the security of all technology with modern central processing units (CPU). Information that should be secured by CPU's can be acquired by entering specially crafted commands to an individual's machine.

What is the Office of Information Technology doing to fix the issues?

The Office of Information Technology is focusing on applying Microsoft "patches" or repairs to the Remote Desktop environments and the Test Systems first. Once the repairs for those two systems have been validated, tested and implemented, OIT will move on to all other University systems. There is the possibility of slow-downs in University systems once the repairs have been made.

Our cloud service providers such as Workday, Peoplesoft, Canvas, NevadaBox and Office 365 are also working on applying patches as soon as they are available. 

There is no evidence or reason to believe that any breaches have occurred to any University system. However, we do advise users to be extra cautious of possible phishing attacks by following these steps:

1. Do NOT click on any links from suspicious emails
2. Do NOT share account information
3. Do NOT enter any of your credentials on suspicious or unknown websites
4. DO forward suspicious email messages to abuse@unr.edu

If you have further questions or concerns please contact the OIT Support Center