This is an update from the RM support team to make you aware of the recent vulnerability making headlines and what RM are doing about it to inform and help protect our customers.
The current message from RM can be found here: https://support.rm.com/TechnicalArticle.asp?cref=TEC6034048. Please check back on this technical article as we will use it to update you with our latest advice.
On 03/01/2018 the details emerged of a number of vulnerabilities known as speculative execution side-channel attacks, or more commonly Meltdown or Spectre, which affect most modern processors and operating systems.
How serious is it?
There are two main newsworthy vulnerabilities –
What does this mean? A program run by the user intentionally or unintentionally can access parts of the computer systems memory they should not be able to – including seeing other users on the systems’ data or key operating system data that should be kept secret.
What does this mean? A program run by the user intentionally or unintentionally can access privileged data about processes on the computer its running on.
What is the risk?
Someone does have to click or run some sort of code (though a malicious advertisement on a website is likely to be a vector, along with normal “click on me” email campaigns). These vulnerabilities are of the sort that someone breaching a network (or a user on a network) is looking to escalate their privileges or steal information. So malicious tools are likely to be available for the nefarious network users out there.
User training around not clicking on unknown attachments and links, as always, is key.
The risk right now is low – both issues have no known (at time of writing) active exploits or tools in the wild – this will change over time. So likelihood of attack is low, but will grow over time.
The impact if a machine was attacked varies depending on the context – a user on a standalone PC could have their own data and password’s stolen – though this is currently a slow process it is still possible and could impact that user severely. If the same user on a remote access server was attacked then impact can be far greater as the attacker could compromise all users on that system and further compromise the infrastructure and other servers.
So while the risk is low right now – over time this issue becomes more serious and could have significant repercussions if left unpatched on certain devices, servers, virtual infrastructure, MIS and financial systems and key computers.
These vulnerabilities are of the sort that someone breaching a network (or a user on a network) is looking to escalate their privileges or steal information.
The latest advice from RM can be found here: https://support.rm.com/TechnicalArticle.asp?cref=TEC6034048