IBM Security statement on the Spectre and Meltdown vulnerabilities
As many clients are likely aware of by now, 2 major security flaws impacting chipsets across the PC and mobile spectrums have unfolded over the last day or so. Meltdown (Intel only) and Spectre (Intel/AMD/ARM) can expose highly sensitive information and impact millions of devices. For a deeper understanding, start here: https://meltdownattack.com/
Here is the statement from Google on Spectre: https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html
IBMs statement is as follows:
"IBM has been made aware of this vulnerability and is working across the ecosystem on remediations. The most immediate action you can take to protect yourself is to prevent execution of unauthorized software on any system that handles sensitive data and to continue to monitor thePSIRT blog** for continuous updates as they become available.
We have the industry’s most extensive capabilities, expertise and technologies to mitigate vulnerabilities, from chips, to operating systems, encryption, databases and applications, to one of the world’s largest commercial cybersecurity businesses, which monitors 35B events per day for clients, and the industry’s preeminent Research team. All are available to help you manage this situation."**
CPE | Name | Operator | Version |
---|---|---|---|
ibm maas360 | eq | any |