Critical Intel, AMD and ARM Processor Vulnerability, Cyber Security Impacted

Over the last 48 hours, details of two critical hardware vulnerabilities Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) emerged that impact the majority of computers running Intel processors (Spectre and Meltdown), AMD and ARM processors (Spectre). As a cyber security threat, it may be possible for hackers to craft an exploit such that memory content of an impacted system can be read.

The potential cyber security ramifications of these hardware vulnerabilities is critical. Macquarie treat all security vulnerabilities and incidents with the highest priority and as a result we have been working with our hardware and software vendors to plan and execute any necessary fixes and patches.

Our customers have received communication regarding any potential impact to their environments, and we will continue to keep them updated.

Fortunately, there are many software patches for both Spectre and Meltdown. Patches have been released for Windows, Linux and macOS. It is not sufficient to rely on anti-virus or malware solutions for protection against these vulnerabilities. We urge all customers to immediately ensure their operating systems are fully patched. We have already been working to ensure full compliance for customers that have a managed patching service with us. It should also be noted that these vulnerabilities impact dedicated servers, virtual servers and containerised (LXC and Docker) environments.

Macquarie will continue to prioritise the fixes to these vulnerabilities to ensure our cloud environments are fully protected with minimum disruption.