A recent vulnerability was announced yesterday, January 3, 2018, affecting all modern processors. There are two parts to the released vulnerability, and they are as follows:
Meltdown: Allows applications to access operating system memory, providing access to secrets such as passwords. This affects modern Intel chips. There are patches available, however, they may cause a reduction in performance by up to 30%.
Spectre: Breaks the isolation between error-free applications, which allows a malicious application to read memory from another application. This affects all modern chips; Intel, AMD, and ARM.
This is considered a hardware vulnerability and is thus more difficult to mitigate by software means. However, major vendors are already providing updates for their customers to address the proposed threats.
More information about these vulnerabilities can be found here.
In the meantime, we will be monitoring and applying any relevant patches to multi-tenant environments.
Customers with any questions or concerns, please contact us per live chat or e-mail.
Donnerstag, Januar 4, 2018