At 10:00pm on 21st May, Intel announced further information about a known vulnerability within its CPU architecture.
This vulnerability follows the Spectre and Meltdown vulnerabilities disclosed in January.
UKFast is aware of the vulnerabilities and UKFast engineers are working with our vendors and with Intel to deliver a patch to ensure our clients are protected. We’re expecting announcements regarding further patching from both Dell and VMware in the coming days.
We are working on a deployment plan with our vendors as patches are released and will provide further information as it becomes available. Your account manager will be in touch with more information as soon as these updates are available.
The vulnerabilities released are rated “medium”, rather than the previous “severe” vulnerabilities. This generation is considered harder for attackers to exploit and we expect to see no attacks as a result of this particular vulnerability.
The variants are known as Variant 4 and Variant 3a, with CVE numbers as follows:
Further updates to follow through the UKFast blog and direct from the team via email.