You may have recently learned of vulnerabilities pertaining to certain chipsets from Intel, AMD and ARM, which make these CPUs potentially vulnerable to software-based exploits. You should know that Cenlar is fully aware of these vulnerabilities. We have taken a number of actions since the initial announcements, and have also established plans for additional actions.
Below you will find our specific current and/or planned actions in response to these vulnerabilities, in accordance with both their prevalence and the significant level of industry attention they are receiving:
- We have immediately patched all Internet-facing server systems with the vendor operating system (OS) provided patches.
- We are completing further assessment of any potential impacts to Cenlar’s network devices and server inventory.
- We have applied updates to Cenlar’s standard anti-virus engine across Cenlar’s network to include both servers and workstations.
- We have updated necessary registry key entries (as required for AV functionality).
- We are monitoring for browser updates from key vendors (Microsoft, Google, Apple and Mozilla). For browsers that do not enable auto updates, we will build the appropriate deployment package and apply (i.e., Mozilla, Firefox).
- We are surveying Cenlar’s key technology service providers to determine the actions they have taken or will be taking. This is intended to ensure limited risks around vendor hosted and/or supported systems.
Cenlar will continue to monitor and expedite actions around these vulnerabilities, as we are able, given the continued evolution of both the threat and potential mitigation steps.