January 5, 2018 – Advisory: InterSystems Response to Meltdown and Spectre Vulnerabilities
InterSystems continuously monitors our systems for any evidence of attempts to exploit vulnerabilities such as the newly announced Meltdown and Spectre attack vectors.
At this time, we have seen no indications of attempts to target InterSystems systems or technology using these vulnerabilities.
- InterSystems is aware of recently reported cyber-security vulnerabilities known as Meltdown and Spectre that affect a wide range of computer processors (See US-CERT Alert TA 18-004A, Meltdown and Spectre Side-Channel Vulnerability Guidance, https://www.us-cert.gov/ncas/alerts/TA18-004A).
- As is the case with other technology companies, InterSystems is examining our products to assess and understand the direct impact of the vulnerability and what appropriate actions to take to remediate any discovered risk.
- Same as with many other companies, InterSystems’ corporate operations and infrastructure uses systems that are impacted by these vulnerabilities.
- InterSystems is working to remediate these operational vulnerabilities as quickly as possible using the applicable patches and firmware updates as they are made available by our vendors.
- InterSystems is also monitoring any performance impact caused by patches and firmware update to develop a plan of action to address if necessary.
- InterSystems continues to monitor this issue and will provide updates as appropriate.
If you have any questions regarding this alert, please contact the Worldwide Response Center.