Vulnerabilities related to CPU hardware vulnerable to side-channel attacks, also referred to as Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5715, CVE-2017-5753), were officially reported on January 4, 2018:
http://www.kb.cert.org/vuls/id/584653
We want you to know that we are aware of these issues and are actively engaged in steps to address them in services that we manage, including Jamf Cloud.
Amazon Web Services (AWS) provides the platform for Jamf Cloud, and AWS has addressed their portion of the vulnerability remediation as outlined in the following security bulletin:
https://aws.amazon.com/security/security-bulletins/AWS-2018-013/
We are actively monitoring the situation and will take all necessary steps to continue to protect Jamf Cloud instances, including installing required patches as soon as they are available. It is also important to monitor for the latest operating systems and patch them as they become available from Apple.
