By Christine Sala
As part of the August 14th disclosure by Intel, three security vulnerabilities have been named:
- CVE-2018-3646 (L1 Terminal Fault - VMM)
- CVE-2018-3620 (L1 Terminal Fault - OS)
- CVE-2018-3615 (L1 Terminal Fault – SGX, SMM)
At this time, there is no indication that these vulnerabilities have impacted us or have been used to attack our customers.
Intel has posted detailed information about these vulnerabilities here.
Briefly, each of these vulnerabilities affects a different aspect of the terminal fault vulnerability.
CenturyLink has taken the necessary steps to mitigate this vulnerability through vendor recommended patches and microcode updates. No further action is necessary.
CenturyLink recommends that customers apply necessary security updates in a timely manner.
For Linux users, a number of tests can be performed to validate your level of protection:
Microsoft also provides details on testing and...