You may have heard in the past few days that two critical vulnerabilities have been discovered that affect all Intel processors (CPUs) produced over the past 10 years. This therefore affects desktop computers, laptops, servers and many other devices. This is a critical security issue that potentially allows for access to information on a computer/server that a process should not have access to and unfortunately due to being a processor based issue it is a hardware bug.
Example details of this bug can be found here: https://www.wired.com/story/critical-intel-flaw-breaks-basic-security-for-most-computers/
Mitigation against the security issues this poses is being rolled out by all OS vendors. Updated Linux Kernels are already being distributed and Windows updates are due next week for "Patch Tuesday".
Whilst the Linux updates are only just rolling out today, we have at this point already patched our entire server estate as security issues are always a priority for us to address. A downside to these updates are that there may be a performance impact on any devices that receive the security patch - there is however no workaround for this. We do not run any of our servers anywhere near capacity and so do not expect to see any impact from this, however this is still an unknown at this point and further defined OS patches are likely to be released by operating system vendors in the coming months.
Thursday, January 4, 2018