Meltdown & Spectre Vulnerabilities in Modern CPUs
- Patches against Meltdown for Linux and Windows (KPTI, formerly KAISER) have been deployed.
- All instances of web browsers used for automated testing and such have been updated.
- VMware has also released a patch for Spectre. ESXi is not affected by Meltdown. Both the host and the guest OS will need to be patched.
- We’ll be releasing patches for our on-prem environments as soon as we complete performance testing that is currently underway.
Some recommendations to ensure your personal devices are safe:Microsoft has also released a patch to address exploits from Meltdown. However, they noted that, unless a registry key is updated by the antivirus package, installing the security patch can result in a blue screen of death (BSoD).Apple has already released mitigations in iOS 11.2, macOS 10.13.2. All users should ensure that they are running the latest versions of these.To protect against web based exploitation, users should ensure they have the latest versions of web browsers installed and for older versions of Chrome, it’s recommended to enable additional security flag: https://support.google.com/chrome/answer/7623121?hl=enThe Egnyte Security Team is continually monitoring the latest news on Meltdown and Spectre vulnerabilities to ensure we stay up to date on all mitigations for Egnyte products, infrastructure as well as internal IT environment.You can get further details on these vulnerabilities here and here, and remember to update your desktop software daily as there may be more updates coming in to resolve these issues in depth.
Get started with Egnyte today
Explore the best secure platform for business-critical content across clouds, apps, and devices.
LATEST PRODUCT ARTICLES
Don’t miss an update
Subscribe today to our newsletter to get all the updates right in your inbox.