Important Update on Spectre and Meltdown OS Vulnerabilities

Dear AlertSite Customer,

 

You have probably heard about the serious vulnerabilities discovered in the core design of modern CPUs.  Two specific vulnerabilities have been identified:  Spectre and Meltdown.  Current reports state that these vulnerabilities compromise the data isolation between the CPU and user applications, potentially allowing malware access to sensitive data.

 

Nearly all Intel processors are impacted, regardless of the Operating System running on the machine.  This means that the majority of laptops, desktops, and servers are all susceptible.  At present, there are no known instances of anyone exploiting these vulnerabilities in the wild.

 

What does this mean for AlertSite? 

 

As patches are being readied by OS vendors, our dev and ops teams are in the process of evaluating the potential performance impacts of these OS updates.  Because the OS fixes place additional layers of isolation between the Operating System and user applications, there is a strong potential for some performance degradation.  We will be evaluating the impact to our public monitoring nodes, our core SaaS platform, and our PrivateNodes.  Once we have certified the patches with our application code, we will update all public nodes and the SaaS platform.  Our approach to updating PrivateNodes may vary depending on the type and version of your private nodes (i.e, hardware InSite versus VM and the version number of each server).

 

We will provide additional information as we learn more and begin updating the AlertSite infrastructure.

 

If you have additional questions, please reach out to me or your customer success manager.

 

Thank You!