What is Gigya doing about the Meltdown and Spectre security vulnerabilities in processors made by Intel and other companies?
62 Views 2 Helpful

Question

What is Gigya doing about the Meltdown and Spectre security vulnerabilities in processors made by Intel and other companies?

Environment

  • Computers, servers, and mobile devices using Intel, AMD, and ARM processors developed in the last 20 years

Details

On January 3, 2018 the Project Zero team at Google[1] publicly reported vulnerabilities in chips made by Intel, AMD, and ARM that, if exploited, could leave sensitive data exposed. These vulnerabilities were first identified in June 2017 and later confirmed by the manufacturers in separate statements.

Answer

Since the discovery of this vulnerability Gigya has been in close contact with its vendors (AWS[2] and AlibabaCloud[3]) and verified that every shared environment has been patched to guarantee the security of the Gigya hosted data. Although not strictly necessary we are also in the process of evaluating and deploying the patch to all non-shared environments as well. If you have any additional questions or concerns please Contact Gigya Support[4].

Links

[1]: https://googleprojectzero.blogspot.co.uk/2018/01/reading-privileged-memory-with-side.html
[2]: https://aws.amazon.com/security/security-bulletins/AWS-2018-013/
[3]: https://www.alibabacloud.com/forum/read-2878
[4]: https://gigya--c.na87.visual.force.com/a6H400000004DJYEA2

Was this article helpful?