c01-meltdown-spectre

Informatica Alert Regarding Meltdown and Spectre Vulnerabilities

On January 3, the U.S. National Cybersecurity and Communications Integration Center (NCCIC) became aware of a set of security vulnerabilities—known as Meltdown and Spectre—that affect computer processors. Exploitation of these could allow an attacker to obtain access to sensitive information.

System software vendors have issued OS-level patches to customers to protect against these hardware vulnerabilities. Cloud service providers have applied these patches to their systems. However, the NCCIC notes that, "after [OS] patching, [application] performance may be diminished by up to 30 percent.”

Informatica is committed to help you minimize the disruption to how you manage and deliver data. For all Informatica on-premises and cloud customers, we will provide temporary increase of up to 30 percent more CPU/capacity, at no charge for 30 days from when your request is granted, as you evaluate how much extra CPU/capacity you will need. For our cloud customers, we are working closely with our infrastructure partners to update systems consistent with our internal security standards.

To activate your request, customers should login to their account and submit a request via a support ticket to Informatica Global Customer Support (GCS).

We have put together a set of FAQs to explain more about the vulnerability and how we can help. You can access the FAQ below, as well as access more resources to help stay updated with this issue.

 


Resources

Spectre and Meltdown CPU Flaw FAQ

Get answers about the vulnerability, the patches, and details about how Informatica can help.

Press Release

Informatica Offers Increased Compute Capacity at No Additional Cost to Customers to Address Spectre and Meltdown Impact

U.S. Computer Emergency Readiness Team's Alert

Meltdown and Spectre Side-Channel Vulnerability Guidance.

Graz University of Technology Information Site: Meltdown and Spectre

Vulnerabilities in modern computers leak passwords and sensitive data.