Watercooler news to discuss with friends, coworkers and more by Computer Resources


January 3, 2018: Notice of Vulnerability CVE-2017-5733, CVE-2017-5715 (Spectre) and CVE-2017-5754 (Meltdown)

Meltdown and Spectre Side Channel Vulnerabilities

On January 3, a set of vulnerabilities known as Meltdown and Spectre were announced. These vulnerabilities effect many modern computer processors. Exploitation of these vulnerabilities could allow an attacker to obtain access to sensitive information.  At this time, the industry is unaware of any active exploitation but given the scope of these vulnerabilities, it is expected that exploits will be developed. 


How does this affect Computer Resources Inc. solutions?

Computer Resources products use several different operating systems and operating environments.  We are in the process of evaluating the impact and applying appropriate remediation including patches and firmware upgrades.

For the Computer Resources monitoring service and for our backup product, it is important to note that although technically they have the same vulnerability, they are implemented on dedicated and hardened infrastructure making them closed systems and are not directly exploitable.


A General Word About Patching

For those on virtual environments, it is important to patch the hypervisor. Patching of the secondary operating systems is a best practice.

The Computer Resources Inc. service cloud products and backup products run on closed systems, which are less exploitable; however, we will provide updated versions with the latest OS patch. No action is required as all updates will be handled by the Computer Resources Inc.Ops team.


Jan 5 UPDATE: For  Clients

IMPORTANT: Microsoft patches require a compatible version of Anti-virus (AV) in for the patch to run successfully. Check with your AV vendor to ensure you have the correct AV version to avoid any unwanted outcomes.

If Computer Resources provides your AV: We are currently in investigation and compatibility testing for AV Defender and Managed Anti-virus (MAV) and we will keep you informed on the progress and when to proceed with patching. Please check back here for updates.


This notification will be updated as we receive new information on improved, patches, AV compatibility or any other information as it becomes available.

For additional information, please refer to any of the links below: