Menu
The Circle Blog
 
Back to all posts
January 06, 2018

Meltdown and Spectre Vulnerabilities

The Meltdown and Spectre vulnerabilities allow an attacker to run malicious code on a vulnerable computer.

In order to protect customer funds, Circle's operations team updated our systems as soon as the operating system patches were released.

These vulnerabilities can affect your computer and mobile phone as well, so it's important that you update your operating systems and browsers with the latest security patches. Patching your systems and browsers protects access to your funds and data at Circle and all other Internet services you use. CNET has a good explanation on how to install patches or updates for various operating systems and browsers.

What Circle is doing to protect your funds:

At Circle, security is an important part of product design and our day-to-day operations. One aspect of our commitment to security is that we run all requests that handle customer personal and financial data on dedicated hardware. Running on dedicated hardware reduces the risk that malicious code that could exploit Meltdown or Spectre is introduced from other workloads. We also maintain both internal and external security testing programs to ensure that malicious code cannot be injected through requests that handle personal and financial data.

The operations team continues to monitor and evaluate all security bulletins and software updates to ensure our systems operate efficiently and securely.

What you should do to protect your funds:

You personal computer and phone are vulnerable to Meltdown and Spectre as well. To protect yourself from these vulnerabilities:

  • Update the Operating System on your computer and mobile phone.
    • OS X - Apple recommends version 10.13.2
    • iOS - Apple recommends version 11.2
    • Windows - Microsoft released an out-of-band security update (KB4056892)
    • Android - Android's January update addresses the vulnerabilities
  • Update the browser
    • Chrome - Chrome 64 will fix the vulnerabilities.
    • Safari - Apple plans to release an update to Safari to fix the vulnerabilities
    • Microsoft Edge/IE - fixed in KB4056892
    • Firefox - Version 57.0.4 addresses the vulnerabilities

If you're worried about your account, please contact Customer Support. A member of our support team will be available to respond to any concerns you may have. The quickest way to contact our team is via the Help section of our app. You can also visit our help center at https://support.circle.com and send us a message from there.

 
 

Back to all posts