This alert is to provide guidance concerning the computer processor vulnerabilities being reported in the news. Meltdown/Spectre are vulnerabilities which allow code running on a device to access areas of memory it does not have permission to access. This can result in the compromise of sensitive data such as passwords. Most devices - from desktop PCs to smartphones – are affected by this vulnerability. The UK National Cyber Security Centre are advising there currently is no evidence of any malicious exploitation.
What you can do
Updates are being made available by vendors (for example Apple, Microsoft and Google) in response to this vulnerability. Our advice for University staff and students is to install updates as they become available on your personal devices. Computing Services are testing updates for use on University systems.
When you are prompted to install updates on your University device please do not delay installing them.
If you have any concerns about this issue then please contact us.
We will provide more information as it becomes available and for further details on this issue visit the Meltdown Attack information website.