Meltdown and Spectre Vulnerability awareness, 9 January

Tue, 9 January 18


Update: 9th January

IT Services are continuing to closely monitor information regarding the recently detected processor design flaws, known as Meltdown and Spectre.  Vendors are still working through solutions to this vulnerability.

 

What is happening:

A design flaw has been detected in Intel, AMD & ARM processors which has become public in recent days.  These flaws are commonly being referred to as the “Spectre” and “Meltdown” issues. ( CVE reference number for these issues are CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754.)  

The vulnerability affects the kernel of CPU chips (Intel, AMD, ARM) which are used in computers, servers and mobile devices. The flaw is a local privilege escalation vulnerability meaning that a user who already has some access to the system can leverage that access to gain privileged information.   

Vendors are currently investigating this vulnerability. IT Services are monitoring the situation and will publish further updates here when available.