Security Bulletin
Summary
IBM Security statement on the Spectre and Meltdown vulnerabilities
Vulnerability Details
As many clients are likely aware of by now, 2 major security flaws impacting chipsets across the PC and mobile spectrums have unfolded over the last day or so. Meltdown (Intel only) and Spectre (Intel/AMD/ARM) can expose highly sensitive information and impact millions of devices. For a deeper understanding, start here
Here is the statement from Google on Spec
IBMs statement is as follows:
"IBM has been made aware of this vulnerability and is working across the ecosystem on remediations. The most immediate action you can take to protect yourself is to prevent execution of unauthorized software on any system that handles sensitive data and to continue to monitor the PSIRT blog for continuous updates as they become available.
We have the industry's most extensive capabilities, expertise and technologies to mitigate vulnerabilities, from chips, to operating systems, encryption, databases and applications, to one of the world's largest commercial cybersecurity businesses, which monitors 35B events per day for clients, and the industry's preeminent Research team. All are available to help you manage this situation."
Get Notified about Future Security Bulletins
*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.
Disclaimer
Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.
Was this topic helpful?
Document Information
Modified date:
28 August 2018
UID
ibm10729567