As the recent security vulnerabilities impacting Intel, AMD and ARM processors were identified yesterday, it became the top priority for our operations team to make sure you, our customers, felt zero impact. Throughout the night, our team gave the matter full-time attention, to ensure that when you woke up this morning you had all of the information and assurance needed to know patches had been taken care of and that there was a plan in place to get things taken care of as quickly as possible.
Perfect Sense holds the security of our customers in the highest regard and aims to provide visibility into how we’re working to mitigate the risks surrounding the three vulnerability variants identified by Google Project Zero, including:
- Variant 1: bounds check bypass (CVE-2017-5753)
- Variant 2: branch target injection (CVE-2017-5715)
- Variant 3: rogue data cache load (CVE-2017-5754)
We know there are still quite a few patches being identified, but we’re working closely with all cloud providers to obtain the most up-to-date fixes in real time.
It’s unlikely that a malicious attacker could exploit these hardware security issues on individual servers, however, we are acting in a manner to ensure the highest standard of protection and security.
The truth is, as hackers become more and more sophisticated, it becomes increasingly important to pay close attention to this type of security defect to avoid potential damages. In fact, a recent IDG article predicts that cyber crime damage costs are predicted to hit $6 trillion annually by 2021.
In the event additional details pertaining to our customers and the Meltdown and Spectre bugs are identified, we will include updates to this blog post in addition to individual correspondence with our customers and team leads.
If you’re looking for more information about Meltdown and Spectre, here are a few resources to check out: