Information Regarding Meltdown and Spectre Vulnerabilities
January 04, 2018
Two major vulnerabilities have been reported in the news—known as “Meltdown” and “Spectre”—that impact microprocessors manufactured by major vendors which are being used in most computer systems globally.
These flaws in the microprocessor could allow hackers to obtain the memory contents of a computer system including servers, workstations and mobile devices. Please see the following links for more information about “Meltdown”: CVE-2017-5754, and “Spectre”: CVE-2017-5753 and CVE-2017-5715.
At this time, ADP has no reason to believe that any of its internal systems have been compromised by an attack related to these flaws. ADP is working closely with its vendors to assess and evaluate patches as they become available.
In the interim, our advanced host protection software will be adding extra detection capabilities designed to help prevent a related attack. This is in addition to ADP’s layered defenses, which include technologies and controls to identify and/or prevent threats, assess vulnerabilities and apply appropriate protection and detection control updates.
The ADP Global Security Organization continues to actively monitor this situation and will provide updates as necessary.
Clients are encouraged to visit our website at www.adp.com/trust to learn more about how ADP protects security and privacy, and how clients can help protect themselves.
Protecting our clients and their data from malicious activity is a top priority for ADP.
Download a PDF of this Alert