Meltdown and Spectre made big news in the last couple of days as exploits of critical vulnerabilities in modern processors.
Security has always been and continues to be of paramount importance for NComputing. Please find the detailed information pertaining to each hardware product family as it relates to these vulnerabilities:
NComputing RX-series thin client (including RX300 for vSpace and RX-HDX for Citrix):
- Built based on Raspbian Pi 3 platform with processor type: ARM Cortex A53
- Not affected by Meltdown or Spectre. More details in the Raspberry Pi foundation posting (reference: https://www.raspberrypi.org/blog/)
- There is no need for any operating system patches
NComputing L-series, M-series and MX-series thin clients:
- Built based on proprietary processor with ARM926EJ-S core
- Not affected by any of the vulnerabilities (reference: https://developer.arm.com/support/security-update)
- There is no need for any operating system patches
NComputing N-series thin client
- Built based on proprietary processor with Cortex A9 core. Based on information provided in the ARM developer forum this processor is susceptible to variant 1 and variant 2 vulnerabilities (reference: https://developer.arm.com/support/security-update)
- There is no need for any operating system patches
- Official statement from NComputing: While the N-series thin clients are built on a processor that is vulnerable to Spectre and Meltdown it is important to keep in mind that these devices use proprietary NComputing firmware executing very specific and pre-defined functionality. It is not possible to inject external applications or micro-code into this locked-down proprietary firmware. Furthermore, the Numo3 chip is our own ASIC and is generally not compatible with external Linux applications. We are confident that the N-series devices are secure and safe to use as along as only unaltered and certified genuine NComputing firmware is installed.