Gensuite is issuing this statement to communicate our assessment and planned actions in response to recently discovered hardware vulnerabilities (Intel/ARM/AMD chips; Meltdown and Spectre).
We have been actively working with our vendors and services providers to obtain and properly test patches to these vulnerabilities as quick as possible. We have completed our assessment and verified that Gensuite hardware/devices directly accessible from the Internet are not affected by Spectre and Meltdown. We’ve also currently halted installation of any software on all infrastructure and enhanced the oversight and monitoring of our highly privileged user accounts. Gensuite does not run in a shared multi-tenant environment and all Gensuite hardware is strictly dedicated for Gensuite use. The hardware which is susceptible to Spectre sits behind our protected firewalls and is not directly accessible from the Internet.
Later this week we will begin rolling out our hypervisor patches to our private cloud. All Windows patches are currently scheduled to be applied during our January 20th maintenance window. Since there are currently no active exploitations, we don’t feel the need to do immediate patching and cause downtime for our users. However, if an active exploit is released we will expedite the patching window.
For any further questions regarding this statement, please contact Gensuite Senior Manager of IT operations, Lucas Read ([email protected]).