Security Advisory for Meltdown and Spectre

Last week two critical security threats, called „Meltdown“ and „Spectre" were made public, that exploit common features of modern microchips.

Teamwire, Jan 08 2018

Teamwire is concerned about these security flaws. These issues apply to all modern processors and affect nearly all computing devices and operating systems – iOS, Android, Windows, OS X, Linux, etc. For everybody, who works with smartphones, tablets, computers or other gadgets with microprocessors, it is very important to apply all software updates for operating systems and minimize the risks of potential attacks.

 

Since the disclosure of the security threats Teamwire has been intensively investigating these potential vulnerabilities. If vulnerable processors are present, these issues may impact computing devices and operating systems running software products like Teamwire. However, there are no known exploits for Teamwire.

 

In general in order to exploit „Meltdown“ and „Spectre“ a malicious app has to be loaded on your computing device. Therefore we advise our customers, users and channel partners to make sure to only download any digital content, software and apps from trusted sources (=> this is especially important when browsing the web or opening email attachments).

 

In order to cover and remediate all potential risks we are collaborating closely with software vendors, technology partners and infrastructure providers to make sure to mitigate any possible impact. We are currently updating our cloud infrastructure and affected hardware and software. In addition, the images provided by Teamwire for private cloud or on-premise setups are currently being updated and patched. We will inform customers and channel partners as soon as we have a release.

 

IMPORTANT recommendations for our cloud customers:

 

– Please install the newest software updates with patches for the operating systems and the browsers of your computing devices as soon as available.

 

IMPORTANT recommendations for our private cloud and on-premise customers:

 

– Please install the newest software updates with patches for the operating systems and the browsers of your computing devices as soon as available.

 

– Please install the newest software updates with patches for the operating systems of your infrastructure as soon as available.

 

– For VMware patches are already available: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html

 

For technical specifics and information on advisories for Meltdown and Spectre, please check the following links:

 

Meltdown
https://nvd.nist.gov/vuln/detail/CVE-2017-5754

 

Spectre
https://nvd.nist.gov/vuln/detail/CVE-2017-5715
https://nvd.nist.gov/vuln/detail/CVE-2017-5753

 

If you have any further questions regarding these security threats, please contact the Teamwire support.

 

We will keep this page updated in case of new developments and statements.

Related Reads

Security

Emergency Recovery Plan

In March, a fire at the data center of the French cloud infrastructure company OVH disrupted, and in some cases destroyed, the services of many companies. Some customers lost data. To protect customer data and ensure high availability of our service, Teamwire has emergency recovery plans in place for such scenarios.

Thought Leadership

Secure WhatsApp Alternative for Enterprises and the Public Sector

Currently many large enterprises, small and medium businesses as well as the public sector look for a secure WhatsApp alternative (e.g. Teamwire) for their organization.

Thought Leadership

The leading chat messenger app

More and more companies understand the transition from email to messaging in communicating with colleagues and teams and are looking for a dedicated enterprise messaging app to improve collaboration and increase productivity.