News on Spectre and Meltdown computer vulnerabilities

On January 3, 2018, news broke that security flaws had been discovered in computer processor hardware and the low-level code that controls how these processors work.

These flaws have been named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). They make it possible for malicious code to access information in other running programs by exploiting a CPU feature called speculative execution, which runs software code in advance of when it might be needed to improve performance.

At this time, there are no known cases of malicious software developed to exploit these flaws.

Software and firmware security patches to guard against these flaws have been provided by hardware and operating system software vendors. TransNexus software engineers applied updates to the servers that run ClearIP, our hosted software application for call management and protection, on January 6, 2018 with minimal impact on performance.

We recommend that your IT staff apply appropriate updates to the systems that run your software applications, including on-premise TransNexus applications such as NexOSS and Osprey. These updates could impact the performance of these systems, depending on the hardware, firmware and operating systems they use.

As a developer of software to manage and protect networks, TransNexus takes information technology security seriously. It’s what we do. We will continue to stay on top of security happenings to help keep our customers’ networks safe.