The National Center for the Integration of Communications and Cybersecurity of the United States (NCCICfor its acronym in English) discovered the 3 of January of 2018, that some CPU hardware implementations are at risk of a type of security vulnerability called Specter and Meltdown.
What do these vulnerabilities imply? How does it affect me personally? Does the data management of my company affect?
What are these vulnerabilities?
Specter and Meltdown vulnerabilities affect all modern microprocessors, specifically to its ability to execute speculative accesses to memory..
All these modern microprocessors They try to improve their performance by anticipating what they think will happen with the millions of conditions they constantly review. They speculate with the result. If they believe that something is going to be achieved, will make the necessary accesses to the memory so that when it occurs runtime can be improved. If it doesn't happen, are discarded.
Therefore data is loaded into cache with anticipation that it will be needed. And the problem comes precisely because of this cache data. According to NCCIC, an attacker could exploit these vulnerabilities security to gain unauthorized access to this data in memory, what can include confidential information.
To mitigate these potential problems manufacturers have released patches what they do, basically, it is remove all that speculative execution functionality. But by removing this functionality, we remove the ability to improve performance based on that speculation. Or what is the same processor performance drops with patches. Specifically, performance drops to 30%.
How does it affect me personally?
It is not normal for a particular person to be affected by these vulnerabilities. Apple has already confirmed that its devices are affected but clarifies that there are no known exploits that impact its customers.
Just remember that to be affected, a malicious application must be loaded on the system, so the recommendation is clear: download and install only software from trusted sources.
Do they affect my company's data management?
Businesses suffer when it comes to performance. As noted above, after patching, Server performance can be reduced by up to 30 percent. For this reason It is important to ensure that administrators monitor the performance of business-critical applications and services.. along with this, they should work with their service provider to see if the effect can be mitigated.
For Informatica CustomersFor instance, the company has announced that to help its customers, will provide up to a 30% more free CPU capacity during 30 days, from the moment the patch is applied. You will offer it for both your local and cloud customers. Therefore, Meanwhile, customers can calculate the additional amount of CPU capacity they will need so as not to reduce your benefits.
This is very useful for all those clients who are currently facing a complex situation, which can help them assess their needs.
To activate the offer, Informatica customers must log in to their account and submit a request via a support ticket to Informatica Global Customer Support (GCS).. Thus, get a temporary solution to the capacity decrease while evaluating operating system patches.
If it affects you and you have doubts Get in touch with one of our experts so they can help you.
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = “//connect.facebook.net/es_ES/all.js#xfbml=1&status=0”;
fjs.parentNode.insertBefore(js, fjs);
}(document, ‘script’, 'facebook-jssdk'));
