Security Advisory for Meltdown and Spectre

Last week two critical security threats, called „Meltdown“ and „Spectre" were made public, that exploit common features of modern microchips.

Teamwire, Jan 08 2018

Teamwire is concerned about these security flaws. These issues apply to all modern processors and affect nearly all computing devices and operating systems – iOS, Android, Windows, OS X, Linux, etc. For everybody, who works with smartphones, tablets, computers or other gadgets with microprocessors, it is very important to apply all software updates for operating systems and minimize the risks of potential attacks.

 

Since the disclosure of the security threats Teamwire has been intensively investigating these potential vulnerabilities. If vulnerable processors are present, these issues may impact computing devices and operating systems running software products like Teamwire. However, there are no known exploits for Teamwire.

 

In general in order to exploit „Meltdown“ and „Spectre“ a malicious app has to be loaded on your computing device. Therefore we advise our customers, users and channel partners to make sure to only download any digital content, software and apps from trusted sources (=> this is especially important when browsing the web or opening email attachments).

 

In order to cover and remediate all potential risks we are collaborating closely with software vendors, technology partners and infrastructure providers to make sure to mitigate any possible impact. We are currently updating our cloud infrastructure and affected hardware and software. In addition, the images provided by Teamwire for private cloud or on-premise setups are currently being updated and patched. We will inform customers and channel partners as soon as we have a release.

 

IMPORTANT recommendations for our cloud customers:

 

– Please install the newest software updates with patches for the operating systems and the browsers of your computing devices as soon as available.

 

IMPORTANT recommendations for our private cloud and on-premise customers:

 

– Please install the newest software updates with patches for the operating systems and the browsers of your computing devices as soon as available.

 

– Please install the newest software updates with patches for the operating systems of your infrastructure as soon as available.

 

– For VMware patches are already available: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html

 

For technical specifics and information on advisories for Meltdown and Spectre, please check the following links:

 

Meltdown
https://nvd.nist.gov/vuln/detail/CVE-2017-5754

 

Spectre
https://nvd.nist.gov/vuln/detail/CVE-2017-5715
https://nvd.nist.gov/vuln/detail/CVE-2017-5753

 

If you have any further questions regarding these security threats, please contact the Teamwire support.

 

We will keep this page updated in case of new developments and statements.

Related Reads

Security

The New Terms of WhatsApp and the Consequences for Businesses

Recently Whatsapp announced an update of its terms and privacy policy, and made several significant changes that were kind expected since the acquisition of Whatsapp by Facebook in 2014.

Product Highlights

How to Select an Enterprise Messaging App

Businesses, who are looking for an enterprise messaging app, often wonder how the various vendors compare, what differentiating attributes the solutions have and which must have features a messaging app should have.

Security

Successfull Cloud Security Alliance STAR Assessment v3.1

Teamwire has completed the Consensus Assessment Initiative Questionnaire (CAIQ) in the latest version 3.1. of the Cloud Security Alliance (CSA) for its business messaging app to demonstrate compliance with all major IT security standards and best practices.