On Thursday 4 January, Intel released information relating to security exploits affecting their Intel CPUs - referred to as ‘Spectre’ and ‘Meltdown’. The official media release and technical information from Intel relating to these vulnerabilities are below:
- Media Release: Intel Issues Updates to Protect Systems from Security Exploits
- Facts about Side-Channel Analysis and Intel Products
Intel is currently working on patches to resolve the vulnerabilities, which are scheduled to be made available imminently. The nature of these vulnerabilities is of serious concern to all software vendors relying on Intel CPUs.
As the CyberHound solution does not permit arbitrary code execution, which this vulnerability relies on, any risk to our customers is extremely low. We will be proactively providing a firmware update to ensure protection against these vulnerabilities and you will be notified as soon as this is available for install. It is strongly recommended that you upgrade as soon as possible when released.
For customers running a Virtual CyberHound, we highly recommend speaking with your vendor regarding the application of the relevant patches to your virtual hosts as this exploit can affect virtual infrastructure and associated virtual machines.
CyberHound Managed Service customers will receive this update automatically once it is available.
If you have any questions relating to this please contact the CyberHound Support Team on 07 3020 3330 or log a ticket online cyberhound.com/support.