Meltdown & Spectre Vulnerabilities

Two new hardware vulnerabilities, dubbed Meltdown & Spectre, discovered independently by researchers from academia and Google, underscores a microprocessor flaw that, if exploited, could allow an attacker to read data from memory. The vulnerabilities affect most modern processors and can only be mitigated through operating system patches.

SurePrep’s providers (Amazon, Microsoft, IBM, etc.) have been engaged for months in remediating the vulnerabilities and you can read their statements regarding the vulnerabilities below:

Amazon: https://aws.amazon.com/security/security-bulletins/AWS-2018-013/

Microsoft: https://azure.microsoft.com/en-us/blog/securing-azure-customers-from-cpu-vulnerability/

IBM: https://securityintelligence.com/cpu-vulnerability-can-allow-attackers-to-read-privileged-kernel-memory-and-leak-data/

The security of SurePrep’s systems and client data is our top priority. We are monitoring the vendor responses closely and will be providing an updated status when the related patches/fixes are in place and validated.

For more information regarding Meltdown and Spectre visit https://meltdownattack.com/