Recently one of the most widespread security issues in modern computing history was discovered. These are known as "Meltdown" (CVE-2017-5754) and "Spectre" (CVE-2017-5715), these affect practically every computer built in the past 20 years, running any operating system.

What are Spectre and Meltdown?

Spectre and Meltdown are flaws found in a number of processors from Intel AMD and ARM that could allow hackers to access passwords, encryption keys and other private information from any open applications.

These flaws were originally found by a number of people of the online IT community including a member of Google's Project Zero. It was revealed that these flaws had been present in chip designs for over 20 years, meaning that these flaws affect a large number of devices from PCs to web servers and even smartphones and tablets.

How bad is it?

At the time of writing this article it seems that both Spectre and Meltdown flaws have not been used in an attack, meanwhile, device manufacturers are working with processor companies such as Intel, ARM and AMD to find a solution to these flaws.

According to Intel, these flaws are not able to corrupt, modify or delete data but along with Intel, AMD and ARM are working together, despite differences, to fix these flaws. Unfortunately, at this point in time, it seems that the Spectre flaw may require a redesign to fix the flaw. On the upside, this means that future processors should be free from the Spectre and Meltdown security flaws. This ultimately means that you don't have to be too alarmed but this does mean that you should keep an eye on any updates that your devices offer also follow the following advice we provide then you should be safe against the Meltdown and Specture CPU security flaws.


Before making any of the changes below please make sure you backup all of your data. If you are using any Antivirus software, you should first check compatibility with the software vendor.

How can you patch these vulnerabilities?

We have already patched our shared hosting servers and we will be applying the patch to our cloud hosting and email service very soon. We recommend to all our customers that have a VPS/Dedicated Server/Cloud Server package(s), please perform the following steps depending on the Operating System installed on your order. In case of Managed Servers, please reach out to us in case you face any issues while following the provided steps.

For Debian/Ubuntu

  1. Update and upgrade your packages using apt-get:
    $ apt-get update && sudo apt-get dist-upgrade
  2. You'll need to reboot your server to apply the changes:
    $ reboot

For CentOS/Fedora, use either of the two methods mentioned below

  1. You can initiate a full yum update using the below command:
    $ yum update
  2. Just update the kernel packages:
    $ yum update "kernel*"
  3. You'll need to reboot your server to apply the changes:
    $ reboot

For Windows (Steps 1 and 2 are documented on Microsoft's website)

  1. Apply the latest Windows update available
  2. Enable mitigations in your registry
  3. Apply a microcode firmware update for your CPU

Please Note: Applying the patches may have a negative impact on overall performance.

Due to the way this vulnerability was made public, not all patches and updates may not be currently available.

Please feel free to contact us if you have any doubts regarding this notice.

Friday, January 12, 2018

« Back