Last week two critical security threats, called „Meltdown“ and „Spectre" were made public, that exploit common features of modern microchips. Teamwire is concerned about these security flaws. These issues apply to all modern processors and affect nearly all computing devices and operating systems - iOS, Android, Windows, OS X, Linux, etc. For everybody, who works with smartphones, tablets, computers or other gadgets with microprocessors, it is very important to apply all software updates for operating systems and minimize the risks of potential attacks.

Since the disclosure of the security threats Teamwire has been intensively investigating these potential vulnerabilities. If vulnerable processors are present, these issues may impact computing devices and operating systems running software products like Teamwire. However, there are no known exploits for Teamwire.

In general in order to exploit „Meltdown“ and „Spectre“ a malicious app has to be loaded on your computing device. Therefore we advise our customers, users and channel partners to make sure to only download any digital content, software and apps from trusted sources (=> this is especially important when browsing the web or opening email attachments).

In order to cover and remediate all potential risks we are collaborating closely with software vendors, technology partners and infrastructure providers to make sure to mitigate any possible impact. We are currently updating our cloud infrastructure and affected hardware and software. In addition, the images provided by Teamwire for private cloud or on-premise setups are currently being updated and patched. We will inform customers and channel partners as soon as we have a release.

IMPORTANT recommendations for our cloud customers:

  • Please install the newest software updates with patches for the operating systems and the browsers of your computing devices as soon as available.

IMPORTANT recommendations for our private cloud and on-premise customers:

  • Please install the newest software updates with patches for the operating systems and the browsers of your computing devices as soon as available.
  • Please install the newest software updates with patches for the operating systems of your infrastructure as soon as available.
  • For VMware patches are already available: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html

For technical specifics and information on advisories for Meltdown and Spectre, please check the following links:

Meltdown
https://nvd.nist.gov/vuln/detail/CVE-2017-5754

Spectre
https://nvd.nist.gov/vuln/detail/CVE-2017-5715
https://nvd.nist.gov/vuln/detail/CVE-2017-5753

If you have any further questions regarding these security threats, please contact the Teamwire support.

We will keep this page updated in case of new developments and statements.

 

Bildschirmfoto 2018 01 08 um 21.57.11