Spectre and Meltdown
You may have seen recent press coverage regarding the ‘Spectre’ and ‘Meltdown’ vulnerabilities that affect a large number of computer processors, which run the majority of internet servers, desktops, and even mobile devices.
Both these vulnerabilities centre around malicious software being able to see things that would normally be hidden by the operating system and hardware working together.
As such while our appliances are affected by this vulnerability, an immediate patch is not required, as there’s no route to exploit it: another, more serious exploit would be required.
Current workarounds have a negative impact on performance, and may not mitigate both bugs. Given the negative impact of early workarounds and the relatively low impact on Smoothwall systems, Smoothwall will take a more nuanced view on which mitigations to apply, and when.
Smoothwall systems in both public and private cloud are either already patched, or will be shortly, as shared infrastructure is an area where Spectre and Meltdown are potentially exploitable. For more information on the threat, click on this link https://meltdownattack.com/