These vulnerabilities do not allow an external unauthorized party to gain access to a machine, but could allow a party with access to a system to access unauthorized data.
In the first line of defense are the firewall and security tools that most organizations already have in place. The SERTI Cloud is already protected with both firewall and security monitoring.
Complete mitigation of these vulnerabilities involves installing patches to both system firmware and operating system. The firmware patch provides partial remediation and is required for the OS patch to be effective.
We are currently performing an evaluation and analysis of the impact that the Microsoft patches (for SDSMerlin) will have on our infrastructure in a test environment.
Once these tests are completed and conclusive, we will gradually start updating our infrastructure to ensure maximum protection based on available security updates.
We will provide more details on the steps taken by our technical teams to counteract this situation in the coming weeks...