Security researchers this week found two critical vulnerabilities, “Meltdown” and “Spectre”, that impact nearly all operating systems industry-wide. This is one of the most broadly reaching vulnerabilities we’ve ever seen.
What does this mean?
The exploits allow normal user programs to access sensitive content in kernel processing and memory areas. These vulnerabilities could lead to passwords and user accounts being exploited by attackers.
Meltdown affects Intel and Apple processors, and uses privilege escalation to gain access to kernel memory.
Spectre affects Intel, ARM, and AMD processors, and tricks processors to perform malicious instructions, which grants access to all information in applications’ memory space.
The vast scope of these vulnerabilities means that nearly all computer systems from the last 20 years are at risk of being compromised. The good news is that there’s no evidence these vulnerabilities have been exploited or weaponized in the wild yet.
What is HostDime doing about it?
Both “Meltdown” and “Spectre” require immediate software patching to secure servers and PCs. The HostDime Abuse & Security team is hard at work on a plan of action to patch these vulnerabilities ASAP. Software updates will begin to roll out today, and then reboots will be performed in phases over the next week to complete the updates, which should be the only instances of downtime. Unfortunately due to the nature of these vulnerabilities, there are a number of systems and software manufacturers that need to publish patches, meaning HostDime can only patch systems and software as quickly as the necessary updates become publicly available. Additional firmware updates and reboots may be required as some revised updates are released.
Stay tuned to this blog and our social media outlets for more updates.
This article was written by Content Strategist Jared Smith and Client Relations Manager Michael Wight.