SecureAuth and Core Security have been monitoring the evolving situation with “Meltdown” (CVE-2017-5754) and “Spectre” (CVE-2017-5753 and CVE-2017-5715) – the recently disclosed processor (CPU) vulnerabilities. Our team has not detected any current impact to customer implementations at this time. We have already initiated our standard processes to test and apply patches in our hosting environments per vendor recommendations.
Timely security patching of all IT systems is also the best method of protecting infrastructure. We continue to recommend that all customers implement security patches provided by hardware, operating system, and application providers as soon as they become available. As additional patches are received from vendors, we will continue to test and implement these without delay.
Network Insight or Vulnerability Insight customers require very high performance that necessitates unique integration with the affected processors. Please contact support to determine additional steps that may be required.