Meltdown and Spectre Vulnerabilities
Wednesday, February 28, 2018
FLIR is aware of new vulnerabilities in hardware processors named "Spectre" and "Meltdown". These are a newly discovered class of vulnerabilities based on a common chip architecture that, when originally designed, was created to speed up computers.
On January 3, 2018 a team of security researchers disclosed several software analysis methods that, when used for malicious purposes, have the potential to improperly gather sensitive data from many types of computing devices with many different vendors’ processors and operating systems.
At this time of publication, we have not received any information to indicate that these vulnerabilities have been used to attack customers.
You can learn more about these vulnerabilities at Google Project Zero.
Protecting Your FLIR Security Product
For malware to compromise security using these exploits, it must be running locally on a system. FLIR strongly recommends following good security practices that protect against malware in general, as that will also help protect against possible exploitation. This includes ensuring devices that are using a Windows OS such as Latitude, Horizon, Meridian and USS servers are deployed with the recent Windows updates and employing anti-virus updates.