The Meltdown and Spectre Exploits
By now you may have heard about the Meltdown and Spectre exploits that people in the media have been talking about at length. This post is to help keep you informed about these exploits and how they might affect your hosting services here at Vivio.
The Meltdown Exploit
The Meltdown exploit is probably the one that you’ve been hearing about the most. The Meltdown exploit uses a design flaw in Intel CPU chips to read portions of system memory (called a cache). This can potentially lead to sensitive information disclosure such as passwords, credit card data, and more. That is why the media is going to town on these two exploits.
Of the two exploits discussed here, Meltdown is by far the easiest to exploit and run, so you’ll likely see more malware or ransomware based on it if any badware were to be released in the wild.
Does Meltdown Affect Hosting?
The Meltdown exploit only affects Intel CPU’s. As the vast majority of Vivio runs on AMD CPU’s, the Meltdown exploit does not affect the vast majority of Vivio clients. This includes ALL Shared Clients, and VPS clients.
Vivio does, however, sell Intel CPU’s on Dedicated Server platforms. Those of you who have Dedicated Servers with Intel CPU’s will need to ensure that your Operating Systems (both Windows and Linux) are patched to prevent this exploit from being a problem on your machines.
The good news about this exploit is that is exploitable only once an attacker already has significant access to your machine. If you follow standard best-practices with regards to the security of your dedicated server, it is likely that this exploit will not be a danger to you even if your system is currently vulnerable.
The Spectre Exploit
The Spectre exploit is the more subtle of the two exploits talked about here, though it uses similar methods. Unlike the Meltdown exploit, the Spectre exploit affects all CPU architectures, but similarly to Meltdown, the attacker already has to have significant access to your machine in order to use the Spectre exploit on your server. Again, if you’re employing default best-practices for your server (firewalls, regular updates, AV), you should already have fairly good protection against it.
More good news, the Spectre exploit is very difficult to take advantage of. Reading memory using the Spectre exploit is slow and cumbersome, only allowing you to access very small chunks of information at a time.
Does Spectre affect my Hosting?
In short, yes. Again, someone would already need significant access to your machine already in order to exploit Spectre, but it is possible.
What Can I Do to Stay Protected?
Simply patch your machines with the latest OS kernel updates. If you need help, or want Vivio to patch your machine using Managed Support, simply contact us and we’ll be happy to help!