Archived AnnouncementsBack to Announcements Page
Vulnerability Information Spectre and Meltdown represent a new class of side-channel attacks that impact most processors, including processors from Intel, AMD, and ARM. The attack allows malicious userspace processes to read kernel memory and malicious code in guests to read hypervisor memory. Affected Software This vulnerability affects multiple components of the Druva Cloud Service for both inSync and Phoenix from our IaaS/PaaS, as well as operating system vendors. Mitigation/Resolution While the vulnerability is fairly difficult to exploit, Druva is working with its IaaS/PaaS and operating system vendors to accelerate their schedules for delivery of the latest patches to resolve the vulnerability. Once we receive the patches from these vendors, they will immediately go through our vulnerability management process, QA’d, and pushed to our production cloud product instance. Contact For any additional information regarding this update, please contact security@druva.com. |