Percussion Meltdown / Speculative Execution Statement

Thu Apr 5, 2018

On January 3rd, 2018 Google's Project Zero team among other researchers announced a Speculative Execution vulnerability related to an optimization technique used in certain micro processors.  Percussion is aware of this vulnerability and has been working with our Technology partners to ensure that our Cloud hosted customers are protected.

Percussion CM SaaS / Cloud customer's hosted at Amazon Web Services are protected by Amazon's patching of their underlying infrastructure and Percussion has already applied a first round of relevant security patches for customers.  We will follow the relevant CVE updates and apply ongoing Patches as they are available.  Due to the nature of these patches, the patching process often requires a reboot of customer CM1 hosts.  Customer web sites are unaffected during the patching process due to Percussion's de-coupled architecture.

Percussion On-Premise customers should consult with their on-premise, Hardware, Operating System, and Virtualization vendors to ensure that their systems are patched and up to date. 

Internally Percussion I.T. is focused on Patching internal servers, virtualization clusters, and hardware as vendor patches are available.  

Nate Chadwick
Nate Chadwick
Vice President of Products & Services | Percussion Software