Update on CPU Security Vulnerabilities: Meltdown and Spectre

Security

You’ve probably already read about one of the most widespread security issues in modern computing history — colloquially known as “Meltdown” (CVE-2017-5754) and “Spectre” (CVE-2017-5753 and CVE-2017-5715) — affecting practically every computer built in the last 20 years, running any operating system.

Spectre and Meltdown are the names of the flaws found in a number of processors from Intel, ARM and AMD that could allow hackers to access passwords, encryption keys and other private information from open applications.

So far it doesn’t look like the Spectre or Meltdown flaws have been used in an attack, and device manufacturers are working with Intel, ARM and AMD to fix these flaws. The exploits can’t corrupt, modify or delete data.

Hopefully future processors should be free from the Spectre and Meltdown security flaws. So, don’t be too alarmed, but keep an eye on any updates your device offers.

We shall be patching our Shared Hosting and VPS/Dedicated Server infrastructure very soon. However, if you have VPS/Dedicated Server package(s) with us, please perform the updates fro your Operating System.

Please Note: Applying the patches may have a negative impact on overall performance.

Phase 1 of Google’s Plan to Mark Non-Secure Sites

Security, SSL Certificates

The release of Google Chrome 53 saw the first phase implemented in Google’s long-term vision of HTTPS becoming the internet standard. Eventually, every single website without SSL will have a red warning symbol with “Not Secure” next to it within the Chrome environment. For now, Chrome is marking all non-secure sites with an information radial that further explains a website has no encryption.

This will go a step further starting in January of 2017 for websites with password or credit card fields.

Be sure to get a Certificate for your website before it’s too late! We offer more than 70 different types of SSL Certificates starting from 9.75€/year w/o VAT.