Stay Calm and Patch On: VPLS Investigates Meltdown and Spectre

MELTDOWN AND SPECTRE SECURITY FLAWS

Two major computer security flaws have been discovered, known as Meltdown and Spectre. Jann Horn (Google) and Paul Kocher (Rambus), made the impressive discovery and were set to publicly disclose their findings later in the week. However, news of Meltdown promptly leaked out when The Register, a science and technology website in Britain, aired the news on Tuesday.

The Problem

Meltdown and Spectre bypasses security measures on desktops, laptops, smartphones, and cloud service networks that are equipped with Intel, AMD, or ARM Holdings microprocessors. The security flaw has the potential of exposing data files (such as SSL keys, passwords, etc.) to theft or loss.

Meltdown specifically targets Intel microprocessors, which are found in nearly every machine worldwide. Spectre, a more difficult and rare exploit, can affect any microprocessor, such as Intel, AMD, and ARM microprocessors.

The Solution

As of today, major tech groups such as Google, Amazon, and Microsoft are working together to provide necessary patches and software updates. Both researchers and companies like Microsoft and Amazon, have worked tirelessly through the holiday season to roll out necessary patches.

Computer security experts are using a patch, known as Kaiser, as a software solution in response to the Meltdown security flaw.

As for Spectre, a solution has yet to be discovered and will likely pave way to a complete renovation of the way processors are designed. Fortunately, Spectre is much harder for attackers to exploit.

VPLS to the Rescue!

VPLS will be scheduling emergency maintenance repairs to address the situation. As always, VPLS is actively monitoring the situation and will keep you updated, as information becomes available.