Understanding the two new scary security issues - The Meltdown and Spectre vulnerability

Recent Posts

Understanding the two new scary security issues - The Meltdown and Spectre vulnerability

What VpsCity customers need to know

In this digital age of technology, technology helps us in getting connected to one another and be more productive. But have you ever wondered how secure they are? Well, new vulnerabilities named Meltdown and Spectre, which exploit critical vulnerabilities in modern processors have just been discovered. These hardware bugs allow programs to steal data being processed on the computer.

What is Meltdown and Spectre?

Meltdown is a security flaw that could allow hackers to bypass the hardware barrier between applications run by users and the computer’s core memory, which is normally highly protected. Spectre is slightly different. It potentially allows hackers to trick otherwise error-free applications into giving up secret information.

Do you have a VpsCity Support Plan?

If you have a management plan with us, you do not need to worry about anything as VpsCity will automatically run the latest security updates on your server. If you do not have a support plan, you will need to run these updates manually.

We will be rebooting all virtual servers on our network as part of the patch process for spectre and meltdown vulnerabilities discovered recently. These patches generally mitigate the vulnerabilities by altering or disabling how software code makes use of the speculative execution and caching features built into the underlying hardware. The downside of this, of course, is that these features were designed to improve system performance, and so working around them can slow your systems down. We will persevere to improve all services and make your experience with VpsCity as best as possible.

VpsCity customers who remain concerned and would like to know more can contact VpsCity support, to learn more about this or any other topic relating to our technology.

Is it Serious?

Yes, the problem with Meltdown is that anything that runs as an application could in theory steal your data, including simple things such as javascript from a web page viewed in a browser. Spectre, on the other hand, is harder for hackers to take advantage of but is also more difficult to fix and is expected to be a bigger problem in the long term.

Why are Meltdown and Spectre dangerous?

Spectre and Meltdown both open up possibilities for dangerous attacks. For instance, JavaScript code on a website could use Spectre to trick a web browser into revealing user and password information. Attackers could exploit Meltdown to view data owned by other users and even other virtual servers hosted on the same hardware, which is potentially disastrous for cloud computing hosts. But beyond the potential specific attacks themselves lies the fact that the flaws are fundamental to the hardware platforms running beneath the software we use every day. Even code that is formally secure as written turns out to be vulnerable, because the assumptions underlying the security processes built into the code — indeed, built into all of computer programming — have turned out to be false.

What can I do about it?

Users can do little to avoid the security flaws apart from update their computers with the latest security fixes as soon as possible. Fixes for Linux, Windows and MacOS are already available.

Share this post

Recent Posts

Did You Like This Article?
Talk To One Of Our Experts Now!

Chat Now!
Expert Customer Support

Call Us Now!

  011 998 8020