As widely reported in the media, a significant security flaw has been identified with CPU architecture. While this applies to a range of processors, the impacted processor types used by the Civica Learning platform are those produced by Intel and AMD. With Intel processors, the risk has been identified as significant, while AMD have reported that the risk is near to zero with their chips.
The Civica Learning platform is hosted by a range of hosting partners. To resolve these security flaws our hosting partners must update their hosting platforms to prevent this security flaw from being exploited. We have confirmed that all of our hosting partners have either already completed this process, or are currently doing so. As the full extent of this vulnerability is still being investigated (particularly with reference to AMD processors) further updates may be required to ensure the risk is removed completely. We will continue to work with our hosting partners to ensure that any and all appropriate security patches are applied in a timely fashion to ensure that the Civica Learning platform remains secure. While we hope to avoid it, this may result in a small amount of unplanned downtime, which is undesirable, but I hope you would agree better than a significant security flaw remaining unpatched.
Our internal IT infrastructure, which may contain client information such as contracts, is also being reviewed. We can confirm that similar processes and patch procedures are in place to ensure our infrastructure remains protected against threats including the processor vulnerability.
If you have any questions regarding this, please do not hesitate to contact the support team, although please be aware that we may be unable to disclose specific details based on the assessed data protection risk of the requested information.
Comments
0 comments
Please sign in to leave a comment.