About FREEDOME and execution vulnerabilities in ARM-based and Intel-based CPUs (i.e. Spectre, Meltdo
The recently uncovered security issues known as Meltdown and Spectre affect nearly all computing devices and operating systems. Exploiting many of these issues requires a malicious code to be loaded and executed on the targeted computing device.
F-Secure uses various hosting vendors for VPN Service Nodes (VPN Gateways) to deliver the FREEDOME VPN service. Some of the hosting vendors use shared virtualization infrastructure which does introduce a security risk for F-Secure FREEDOME. Although the FREEDOME VPN Gateway software is not directly affected by this vulnerability, other software running on the same physical hardware in the virtualized environment may potentially exploit the FREEDOME software as well.
The hosting vendors used by F-Secure FREEDOME will start to patch their environments today, January 5th 2018. F-Secure will monitor the patching cycles to ensure the patching will be done as soon as possible.
F-Secure FREEDOME client software is not directly affected by this vulnerability, but the operating system on the device running FREEDOME must be upgraded with the latest security fixes to keep the clients secure.