News

QCIF tackles Meltdown and Spectre vulnerabilities

QCIF has successfully patched QRIScloud and its other compute resources to guard against one security vulnerability discovered earlier last month, and is working towards patching a second one.

In early January, QCIF became aware of two related security vulnerabilities, Meltdown and Spectre.

These vulnerabilities allow a process running on a compute host to bypass security controls and access the in-memory data of other processes running on that same compute host.

QCIF has been actively investigating these vulnerabilities, and has successfully applied patches to address the Meltdown issue. As patches become available for the Spectre variants, QCIF will promptly apply them to its compute infrastructure.

We appreciate that the application of these critical security patches can at times cause disruption to some users, but unfortunately in instances like this, rapid action is necessary to maintain the security of custodian’s data.

Nectar has published a response to the vulnerabilities, as has QCIF.

If you have any concerns, please contact the QRIScloud Help Desk: This email address is being protected from spambots. You need JavaScript enabled to view it..