This week, the world became aware of two major vulnerabilities, “Meltdown” and “Spectre,” that impact a large majority of computer processors. The vulnerabilities were discovered in late 2017 by teams of researchers who alerted major processor makers such as Intel, AMD, and ARM. The vulnerabilities that have been identified are fundamental designs within the chip architectures and must be addressed at the OS level on every system.
"...For our customers where the use of our software/applications is in their own environment or a non-Infor environment, we highly recommend you apply the recommended patches as soon as practical. As always, we recommend customers do not place sensitive data into our Help Desk environments, including Infor Xtreme."
"For customers using our SaaS environments, Infor is working with our partners Amazon Web Services (AWS) and Google Compute Platform (GCP) to ensure your information is fully protected. All environments have been patched by AWS and GCP at the hypervisor level, and Infor is working on patching at the OS level as patches are made available. To that end, Infor may need to schedule maintenance that goes beyond what you had experienced in the past to perform patches on every SaaS environment to ensure full protection against this threat. Note the urgency of these patches will limit the ability for our customers to refuse to accept some maintenance windows."
Read the full article with FAQs at: http://blogs.infor.com/insights/2018/01/a-message-to-our-customers-about-the-meltdown-and-spectre-vulnerabilities.html