By now you should be aware of the “Meltdown and Spectre” CPU and chip bugs.
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware bugs allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs. This might include your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents.
Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.
Despite it being known as the “Meltdown AND Spectre” bug, it is actually 2 different processes at work.
You can find a really good read about it on https://spectreattack.com/
What about hosting?
You probably didn't think about this one. It is part of your life in all aspects but also distant so one tends to not think about the possible consequences.
The bad news is that all websites and online services are vulnerable as well. I can’t speak for other hosts and even your bank but we at XMS Systems and Exelwebs are doing what we can to ensure the problem is mitigated.
Know that it basically impacts everything.
Latest from the engineers at our datacenters.
We're monitoring patches that are being worked on and that have been released thus far. We use the live kernel patching system KernelCare on most of our infrastructure and eagerly awaiting patches from them and more information in general.
As of now, I've not seen any information about attacks happening in the wild and hopefully things will stay that way for a while since this was discovered by a white-hat group and details shrouded in secrecy.
Updated on 5 January 2018
As of this post, patches for CentOS 6 and 7 have been released from RedHat and rebuilt/released to the CentOS repositories.
Microcode updates are expected from Intel next week which will require further reboots for some service types.
The impact varies depending upon service type.
Our cloud platform back-end was fully patched as of yesterday (4 January 2018). The kernels inside of customer VMs will need to be updated and we will be reaching out to customers regarding this.
1/4/18 1200 CST: Patched
Patches have not been released for this platform as of yet. We are eagerly awaiting both upstream patches and patches from our live-update kernel vendor. We do not yet know if live-patching the kernel will be possible for all of the vulnerabilities. Once the upstream patches come out we will have more information to make an informed decision on exactly how to proceed.
No action will be necessary for customers on these packages.
1/5/18 1100 CST: Awaiting Upstream Patches
We are in the process of reaching out to all customers with dedicated servers regarding the patch. A reboot of your server will be required.
1/5/18 1100 CST: In Progress
1/5/18 2140 CST: All customers notified
What you can do.
We are monitoring all “Admin” logins to your website by default. So usually are aware when you or one of your staff members logs in. However please do keep an eye on your website yourself and if you see any unusual activity in terms of members logging in, please give us a shout immediately. We can shut down your website with the click of a button if needed.
Regards and keep your personal information safe.
Fred Mac Donald