Meltdown, Spectre and what Sentia is doing about them.
You may already have heard about Meltdown and Spectre in the news. In this newsletter, we will provide you with more detailed information about how Meltdown and Spectre may harm your business and what Sentia is doing about them to protect your environment.
What exactly are Meltdown and Spectre?
Meltdown and Spectre are both security flaws that mainly affect Intel processors, although AMD and ARM processors are not immune either.
The security flaw contains theoretically: software processes on servers and computers could access data from other software processes. However, in normal circumstances, this is impossible due to memory isolation. But both bugs behind Meltdown and Spectre make it possible to share sensitive information between processes.
Meltdown (Intel only) makes it possible for a malicious application to access kernel memory. The kernel handles tasks such as saving files and opening network connections.
Spectre (Intel/AMD/AMR) gives access to kernel memory, but also to memory used by other applications.
Random sensitive information (passwords, documents, e-mails, etc.) could therefore be at risk of being hacked.
What does this mean for you?
Luckily, software updates have already been released for Linux, Windows and OS X. In the media, various articles explain that the patches require a lot of computing power, which means they negatively affect the performance of some systems. At the time of writing this post, Sentia has already performed extensive testing and analysed various patches, and we have found no negative cases so far.
Sentia will obviously keep a close watch on this matter for you by monitoring the different players and taking action where necessary.
Do you have any further questions or concerns?
Please contact our Operations team for further details and information.
click here for information about the vulnerabilities.