Cisco fears it will be caught by big chip bug

giant_weta_mike_locke_flicker_cc_20Networking giant Cisco is frantically checking its products to see if they have been hit by last week’s chip scare.

For those who came in late, last week it emerged that Chipzilla had a vulnerability for decades, with the potential to affect millions of computers across a range of operating systems.

Cisco said that the majority of its products would not be susceptible because they do not allow users to run custom code, which is required to exploit the vulnerabilities. But some may be vulnerable, and Cisco is offering updates.

In a statement, Cisco said that the only Cisco devices that are found to allow the customer to execute their customised code side by side with the Cisco code on the same microprocessor are considered vulnerable.

“A Cisco product that may be deployed as a virtual machine or a container, even while not being directly affected by any of these vulnerabilities, could be targeted by such attacks if the hosting environment is vulnerable.

“Cisco recommends customers harden their virtual environment and ensure that all security updates are installed.”