Currently there’s no one among IT enthusiasts who has not heard about the recently revealed ‘gaps’ in processor security. At the beginning of 2018 the Internet has dropped the bombshell regarding Meltdown and Spectre attacks (in this particular order) which has immediately electrified the entire community.No wonder, the malicious software can get through to sensitive user data.
The good news is that both of Open-E’s software product lines are not vulnerable to Meltdown and Spectre attacks.
What are Meltdown and Spectre?
Meltdown and Spectre are hardware-based vulnerabilities which affect processors, and allow unauthorized users to access the kernel space by locally running exploits in the form of binary files. The result: These hardware vulnerabilities let programs steal the data that are currently processed on the affected computer. As usually programs are not allowed to read the data coming from other programs, a nasty one can take possesion of data saved in the running programs’ memory, e.g. passwords, messages, personal photos, business documents etc.
How can you protect yourself against such attacks?
The answer is simple: update your OS. Major companies like Google, Apple or Windows had either already released adequate patches or will announce their avalability within short time. Be careful though, as hackers are already using the chaos that has spread by sending out fake updates which install other types of malware. Download only the patches that come directly from the vendor of your choice.
Open-E’s official statement on Meltdown and Spectre vulnerabilities
As Open-E Data Storage Software is a closed environment, none of the Open-E products turned out to be vulnerable to attacks using Meltdown and Spectre. With Open-E products, users are incapable to run any kind of unauthorized processes. All processes created by Open-E’s developers run in a separate layer where modifications are impossible.